Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

is it a virus, spyware, malware, or simply good old windoze?


  • Please log in to reply

#1
irishmic

irishmic

    New Member

  • Member
  • Pip
  • 1 posts
I Feel there isn't a single item of malware impeding the proper functioning of my machine, but a collection of incompatibilities, inter-dependencies not established, and perhaps the odd program conflict. I am not a geek, rather a "wannabe" and therefore not a complete novice.

I will recount my problems and action taken briefly in approx. Reverse chronological order - this is only way I can reliably recall events (I am 73 after all!!).

  • today downloaded live mail and it is installed/working normally (hooray!!!)
  • last error today was Killbox "is not a valid win32 application"
  • installed Outlook and/from Office 2010
  • Windows Essential download failed 4 or 5 times (error msge "corrupted installation file" - 5 times!!!?)
  • Windows Live Mail locked in off-line mode (caused by IE9?)
  • had to repeat a few download attempts of several progs (very unusual event)
  • all software is up-to-date (verified by Secunia psi).
I Googled all the error messages and had a merry old time going round in circles until I decided to ask you for help.
I realize a fresh installation of Win7 would probably do the trick, but is such a pain in the butt that I would prefer to avoid doing so.

Thanks for any help you may give (even if it is only "bu***r off and endure some pain in the a***!)



Otl Logfile Created On: 13/09/2013 17:17:21 - Run 1
Otl By Oldtimer - Version 3.2.69.0 Folder = C:\Users\Mike\Downloads
64Bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = Ntworkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000809 | Country: United Kingdom | Language: Eng | Date Format: Dd/Mm/Yyyy

7.94 Gb Total Physical Memory | 5.63 Gb Available Physical Memory | 70.93% Memory Free
15.87 Gb Paging File | 13.25 Gb Available In Paging File | 83.48% Paging File Free
Paging File Location(S): ?:\Pagefile.Sys [Binary Data]

%Systemdrive% = C: | %Systemroot% = C:\Windows | %Programfiles% = C:\Program Files (X86)
Drive C: | 149.00 Gb Total Space | 61.54 Gb Free Space | 41.30% Space Free | Partition Type: Ntfs
Drive D: | 84.52 Gb Total Space | 78.89 Gb Free Space | 93.34% Space Free | Partition Type: Ntfs
Drive E: | 64.49 Gb Total Space | 60.38 Gb Free Space | 93.63% Space Free | Partition Type: Ntfs
Drive G: | 1863.01 Gb Total Space | 1858.18 Gb Free Space | 99.74% Space Free | Partition Type: Ntfs

Computer Name: Mike-Pc | User Name: Mike | Logged In As Administrator.
Boot Mode: Normal | Scan Mode: Current User | Quick Scan | Include 64Bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (Safelist) ==========

Prc - [2013/09/13 12:52:18 | 000,602,112 | ---- | M] (Oldtimer Tools) -- C:\Users\Mike\Downloads\Otl.Exe
Prc - [2013/09/12 13:52:48 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\Syswow64\Macromed\Flash\Flashplayerplugin_11_8_800_168.Exe
Prc - [2013/08/28 23:45:10 | 003,873,784 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Cdp\Afcdpsrv.Exe
Prc - [2013/08/22 13:26:20 | 007,780,904 | ---- | M] (Acronis) -- C:\Program Files (X86)\Acronis\Trueimagehome\Trueimagemonitor.Exe
Prc - [2013/08/21 16:35:04 | 009,735,136 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Syncagent\Syncagentsrv.Exe
Prc - [2013/08/19 11:01:26 | 001,435,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportmgmtservice.Exe
Prc - [2013/08/19 11:01:24 | 002,476,312 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportservice.Exe
Prc - [2013/08/18 16:57:30 | 006,572,688 | ---- | M] (Power Soft) -- C:\Program Files (X86)\Power Soft\Power Notes\Notes.Exe
Prc - [2013/08/18 09:56:00 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (X86)\Mozilla Firefox\Firefox.Exe
Prc - [2013/08/01 12:20:22 | 002,095,808 | ---- | M] () -- C:\Program Files (X86)\Comodo\Dragon\Dragon_Updater.Exe
Prc - [2013/05/09 09:58:30 | 004,858,968 | ---- | M] (Avast Software) -- C:\Program Files\Avast Software\Avast\Avastui.Exe
Prc - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (Avast Software) -- C:\Program Files\Avast Software\Avast\Avastsvc.Exe
Prc - [2013/04/30 08:50:46 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\Syswow64\Nlssrv32.Exe
Prc - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamservice.Exe
Prc - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamgui.Exe
Prc - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamscheduler.Exe
Prc - [2013/02/22 12:32:59 | 002,849,120 | ---- | M] (Teamviewer Gmbh) -- C:\Program Files (X86)\Teamviewer\Version7\Teamviewer_Service.Exe
Prc - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (Nvidia Corporation) -- C:\Program Files (X86)\Nvidia Corporation\3D Vision\Nvscpapisvr.Exe
Prc - [2013/01/10 14:12:22 | 001,103,440 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Tibmountermonitor.Exe
Prc - [2012/10/05 14:30:36 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (X86)\Common Files\Comodo\Launcher_Service.Exe
Prc - [2012/09/28 14:21:26 | 001,815,040 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe
Prc - [2012/06/27 08:25:06 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Psia.Exe
Prc - [2012/06/27 08:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Sua.Exe
Prc - [2012/06/27 08:25:04 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Psi_Tray.Exe
Prc - [2012/01/18 06:45:28 | 006,849,248 | ---- | M] (3M) -- C:\Program Files (X86)\3M\Pdnotes\Pdnotes.Exe


========== Modules (No Company Name) ==========

Mod - [2013/09/12 14:26:18 | 001,840,640 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Web.Services\3D075C3B7D099Aca217Beecac1F66B4B\System.Web.Services.Ni.Dll
Mod - [2013/09/12 13:52:47 | 016,177,544 | ---- | M] () -- C:\Windows\Syswow64\Macromed\Flash\Npswf32_11_8_800_168.Dll
Mod - [2013/09/02 09:26:00 | 000,991,984 | ---- | M] () -- C:\Programdata\Trusteer\Rapport\Store\Exts\Rapportms\Baseline\Rapportms.Dll
Mod - [2013/08/22 13:22:56 | 000,028,992 | ---- | M] () -- C:\Program Files (X86)\Common Files\Acronis\Home\Thread_Pool.Dll
Mod - [2013/08/22 13:22:50 | 000,036,672 | ---- | M] () -- C:\Program Files (X86)\Acronis\Trueimagehome\Qt_Icontray_Ex.Dll
Mod - [2013/08/18 09:55:57 | 003,551,640 | ---- | M] () -- C:\Program Files (X86)\Mozilla Firefox\Mozjs.Dll
Mod - [2013/08/18 03:40:17 | 000,628,224 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Enterprisese#\5970036570C1E44E8Ae0F6F94C1039Aa\System.Enterpriseservices.Ni.Dll
Mod - [2013/08/18 03:40:16 | 000,627,200 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Transactions\4Ada2213Cefea889A5Ed6E2Fb6839B93\System.Transactions.Ni.Dll
Mod - [2013/08/18 03:40:16 | 000,280,064 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Enterprisese#\5970036570C1E44E8Ae0F6F94C1039Aa\System.Enterpriseservices.Wrapper.Dll
Mod - [2013/08/18 03:40:14 | 006,611,456 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Data\764054Efc88F51B54C8D7E44Df26B671\System.Data.Ni.Dll
Mod - [2013/08/18 03:39:38 | 012,436,480 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Windows.Forms\28Ea347A952D20959Ac6Ae02D7457D39\System.Windows.Forms.Ni.Dll
Mod - [2013/08/18 03:39:29 | 001,593,344 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Drawing\5Aa44Bce7933E4De09D935848F868A4B\System.Drawing.Ni.Dll
Mod - [2013/08/18 03:39:27 | 001,806,848 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Deployment\53404435978580E5Cae29Dffd2129F74\System.Deployment.Ni.Dll
Mod - [2013/08/18 03:39:03 | 005,464,064 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Xml\09Db78D6068543Df01862A023Aca785A\System.Xml.Ni.Dll
Mod - [2013/08/18 03:38:55 | 000,978,432 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Configuration\8F7D83126A3Cf283E5Ac97F2D6D99F12\System.Configuration.Ni.Dll
Mod - [2013/08/18 03:38:53 | 007,989,760 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System\5D22A30E587E2Cac106B81Fb351E7C08\System.Ni.Dll
Mod - [2013/07/10 05:22:55 | 000,025,600 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\Accessibility\8C20095Bd7D46Cdfa7933Eb258A07Daa\Accessibility.Ni.Dll
Mod - [2013/07/10 05:22:14 | 011,499,520 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\Mscorlib\9A6C1B7Af18B4D5A91Dc7F8D6617522F\Mscorlib.Ni.Dll
Mod - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (X86)\Common Files\Microsoft Shared\Office14\Cultures\Office.Odf
Mod - [2013/01/10 13:43:34 | 000,014,360 | ---- | M] () -- C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Icudt38.Dll
Mod - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Js32.Dll
Mod - [2012/01/18 06:45:32 | 000,226,016 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psnutil.Dll
Mod - [2012/01/18 06:45:30 | 002,212,576 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psndbaccessprevious.Dll
Mod - [2012/01/18 06:45:28 | 004,498,144 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psndbaccess.Dll
Mod - [2010/11/21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Data\2.0.0.0__B77A5C561934E089\System.Data.Dll
Mod - [2010/11/21 04:24:07 | 000,113,664 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Enterpriseservices\2.0.0.0__B03F5F7F11D50A3A\System.Enterpriseservices.Wrapper.Dll
Mod - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (X86)\Microsoft Office\Office14\1033\Grooveintlresource.Dll
Mod - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\Syswow64\Msjetoledb40.Dll
Mod - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Transactions\2.0.0.0__B77A5C561934E089\System.Transactions.Dll


========== Services (Safelist) ==========

Srv:64Bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\Mpsvc.Dll -- (Windefend)
Srv:64Bit: - [2013/05/23 21:12:02 | 000,143,120 | ---- | M] (Superantispyware.Com) [Auto | Running] -- C:\Program Files\Superantispyware\Sascore64.Exe -- (!Sascore)
Srv:64Bit: - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (Avast Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\Avastsvc.Exe -- (Avast! Antivirus)
Srv:64Bit: - [2013/04/30 08:50:36 | 000,230,408 | ---- | M] (Nitro Pdf Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\Nitropdfdriverservice8X64.Exe -- (Nitrodriverreadspool8)
Srv:64Bit: - [2013/04/16 10:18:04 | 000,672,272 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Genie Timeline\Genietimelineservice.Exe -- (Genietimelineservice)
Srv:64Bit: - [2012/12/16 12:25:38 | 000,123,664 | ---- | M] (Sandboxie L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\Sbiesvc.Exe -- (Sbiesvc)
Srv:64Bit: - [2012/11/08 00:37:39 | 002,828,408 | ---- | M] (Comodo) [Auto | Running] -- C:\Program Files\Comodo\Comodo Internet Security\Cmdagent.Exe -- (Cmdagent)
Srv:64Bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Sysnative\Appmgmts.Dll -- (Appmgmt)
Srv - [2013/09/12 13:52:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\Syswow64\Macromed\Flash\Flashplayerupdateservice.Exe -- (Adobeflashplayerupdatesvc)
Srv - [2013/08/28 23:45:10 | 003,873,784 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Cdp\Afcdpsrv.Exe -- (Afcdpsrv)
Srv - [2013/08/21 16:35:04 | 009,735,136 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Syncagent\Syncagentsrv.Exe -- (Syncagentsrv)
Srv - [2013/08/19 11:01:26 | 001,435,928 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportmgmtservice.Exe -- (Rapportmgmtservice)
Srv - [2013/08/18 09:55:58 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (X86)\Mozilla Maintenance Service\Maintenanceservice.Exe -- (Mozillamaintenance)
Srv - [2013/08/01 12:20:22 | 002,095,808 | ---- | M] () [Auto | Running] -- C:\Program Files (X86)\Comodo\Dragon\Dragon_Updater.Exe -- (Dragonupdater)
Srv - [2013/07/18 11:52:22 | 001,142,616 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Schedule2\Schedul2.Exe -- (Acrsch2Svc)
Srv - [2013/04/30 08:50:46 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\Syswow64\Nlssrv32.Exe -- (Nlsx86Cc)
Srv - [2013/04/23 19:25:15 | 000,016,680 | ---- | M] (Citrix Online, A Division Of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (X86)\Citrix\Gotoassist\570\G2Aservice.Exe -- (Gotoassist)
Srv - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamservice.Exe -- (Mbamservice)
Srv - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamscheduler.Exe -- (Mbamscheduler)
Srv - [2013/02/22 12:32:59 | 002,849,120 | ---- | M] (Teamviewer Gmbh) [Auto | Running] -- C:\Program Files (X86)\Teamviewer\Version7\Teamviewer_Service.Exe -- (Teamviewer7)
Srv - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (Nvidia Corporation) [Auto | Running] -- C:\Program Files (X86)\Nvidia Corporation\3D Vision\Nvscpapisvr.Exe -- (Stereo Service)
Srv - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (Nvidia Corporation) [Auto | Stopped] -- C:\Program Files (X86)\Nvidia Corporation\Nvidia Update Core\Daemonu.Exe -- (Nvupdatusservice)
Srv - [2012/10/05 14:30:36 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (X86)\Common Files\Comodo\Launcher_Service.Exe -- (Clpslauncher)
Srv - [2012/09/28 14:21:26 | 001,815,040 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe -- (Geekbuddyrsp)
Srv - [2012/06/27 08:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (X86)\Secunia\Psi\Psia.Exe -- (Secunia Psi Agent)
Srv - [2012/06/27 08:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (X86)\Secunia\Psi\Sua.Exe -- (Secunia Update Agent)
Srv - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.Net\Framework\V4.0.30319\Mscorsvw.Exe -- (Clr_Optimization_V4.0.30319_32)
Srv - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.Net\Framework\V2.0.50727\Mscorsvw.Exe -- (Clr_Optimization_V2.0.50727_32)
Srv - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Programdata\Epson\Epw!3 Ssrp\E_S40Rpb.Exe -- (Epson_Pm_Rpcv4_01)


========== Driver Services (Safelist) ==========

Drv:64Bit: - [2013/08/28 23:45:16 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Afcdp.Sys -- (Afcdp)
Drv:64Bit: - [2013/08/28 23:45:06 | 001,464,096 | ---- | M] (Acronis International Gmbh) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tdrpman.Sys -- (Tdrpman)
Drv:64Bit: - [2013/08/28 23:45:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Tib_Mounter.Sys -- (Tib_Mounter)
Drv:64Bit: - [2013/08/28 23:44:56 | 001,120,032 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Tib.Sys -- (Tib)
Drv:64Bit: - [2013/08/28 23:44:41 | 000,161,568 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Vididr.Sys -- (Vididr)
Drv:64Bit: - [2013/08/28 23:44:36 | 000,117,024 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Vidsflt.Sys -- (Vidsflt)
Drv:64Bit: - [2013/08/28 23:44:29 | 000,269,600 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Snapman.Sys -- (Snapman)
Drv:64Bit: - [2013/08/28 23:44:24 | 000,116,000 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Fltsrv.Sys -- (Fltsrv)
Drv:64Bit: - [2013/06/27 20:53:56 | 001,030,952 | ---- | M] (Avast Software) [File_System | System | Running] -- C:\Windows\Sysnative\Drivers\Aswsnx.Sys -- (Aswsnx)
Drv:64Bit: - [2013/06/27 20:53:56 | 000,378,944 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswsp.Sys -- (Aswsp)
Drv:64Bit: - [2013/06/27 20:53:56 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswvmm.Sys -- (Aswvmm)
Drv:64Bit: - [2013/05/31 15:53:12 | 000,222,200 | ---- | M] (Qfx Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Keyscrambler.Sys -- (Keyscrambler)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,072,016 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswrdr2.Sys -- (Aswrdr)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswrvrt.Sys -- (Aswrvrt)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,064,288 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswtdi.Sys -- (Aswtdi)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,080,816 | ---- | M] (Avast Software) [File_System | Auto | Running] -- C:\Windows\Sysnative\Drivers\Aswmonflt.Sys -- (Aswmonflt)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,033,400 | ---- | M] (Avast Software) [File_System | Auto | Running] -- C:\Windows\Sysnative\Drivers\Aswfsblk.Sys -- (Aswfsblk)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,022,600 | ---- | M] (Avast Software) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswkbd.Sys -- (Aswkbd)
Drv:64Bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Mbam.Sys -- (Mbamprotector)
Drv:64Bit: - [2013/03/07 09:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Epmntdrv.Sys -- (Epmntdrv)
Drv:64Bit: - [2013/03/07 09:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Eugdidrv.Sys -- (Eugdidrv)
Drv:64Bit: - [2012/12/16 12:25:34 | 000,202,632 | ---- | M] (Sandboxie L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\Sbiedrv.Sys -- (Sbiedrv)
Drv:64Bit: - [2012/08/23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Terminpt.Sys -- (Terminpt)
Drv:64Bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Rdpvideominiport.Sys -- (Rdpvideominiport)
Drv:64Bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbgd.Sys -- (Tsusbgd)
Drv:64Bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbflt.Sys -- (Tsusbflt)
Drv:64Bit: - [2012/07/03 16:25:16 | 000,189,288 | ---- | M] (Nvidia Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Nvhda64V.Sys -- (Nvhda)
Drv:64Bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\Sysnative\Drivers\Fs_Rec.Sys -- (Fs_Rec)
Drv:64Bit: - [2011/12/16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Psi_Mf.Sys -- (Psi)
Drv:64Bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (Superadblocker.Com And Superantispyware.Com) [Kernel | System | Running] -- C:\Program Files\Superantispyware\Sasdifsv64.Sys -- (Sasdifsv)
Drv:64Bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (Superadblocker.Com And Superantispyware.Com) [Kernel | System | Running] -- C:\Program Files\Superantispyware\Saskutil64.Sys -- (Saskutil)
Drv:64Bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Amdsata.Sys -- (Amdsata)
Drv:64Bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Amdxata.Sys -- (Amdxata)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbhub.Sys -- (Tsusbhub)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Synth3Dvsc.Sys -- (Synth3Dvsc)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Dmvsc.Sys -- (Dmvsc)
Drv:64Bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Hpsamd.Sys -- (Hpsamd)
Drv:64Bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (Vs Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Revoflt.Sys -- (Revoflt)
Drv:64Bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (Amd Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Amdsbs.Sys -- (Amdsbs)
Drv:64Bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (Lsi Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Lsi_Sas2.Sys -- (Lsi_Sas2)
Drv:64Bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Stexstor.Sys -- (Stexstor)
Drv:64Bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Evbda.Sys -- (Ebdrv)
Drv:64Bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Bxvbda.Sys -- (B06Bdrv)
Drv:64Bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\B57Nd60A.Sys -- (B57Nd60A)
Drv:64Bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Hcw85Cir.Sys -- (Hcw85Cir)
Drv - [2013/09/02 09:25:56 | 000,589,872 | ---- | M] () [Kernel | System | Running] -- C:\Programdata\Trusteer\Rapport\Store\Exts\Rapportcerberus\Baseline\Rapportcerberus64_56758.Sys -- (Rapportcerberus_56758)
Drv - [2013/08/19 11:01:38 | 000,265,872 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\X64\Rapportei64.Sys -- (Rapportei64)
Drv - [2013/08/19 11:01:36 | 000,384,432 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\X64\Rapportpg64.Sys -- (Rapportpg64)
Drv - [2013/03/07 09:49:20 | 000,013,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Syswow64\Epmntdrv.Sys -- (Epmntdrv)
Drv - [2013/03/07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Syswow64\Eugdidrv.Sys -- (Eugdidrv)
Drv - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\Syswow64\Drivers\Wimmount.Sys -- (Wimmount)


========== Standard Registry (Safelist) ==========


========== Internet Explorer ==========

Ie:64Bit: - Hklm\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie:64Bit: - Hklm\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Form=Ie8Src
Ie - Hklm\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\Syswow64\Blank.Htm
Ie - Hklm\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie - Hklm\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Form=Ie8Src

Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page =
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Http://Uk.Msn.Com/
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache Acceptlangs = En-Gb
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_Timestamp = 35 Fd 48 Ce D3 Ac Ce 01 [Binary Data]
Ie - Hkcu\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie - Hkcu\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Src=Ie-Searchbox&Form=Ie10Sr
Ie - Hkcu\Software\Microsoft\Windows\Currentversion\Internet Settings: "Proxyenable" = 0

========== Firefox ==========

Ff - Prefs.Js..Extensions.Enabledaddons: Wrc%40Avast.Com:8.0.1489
Ff - Prefs.Js..Extensions.Enabledaddons: Pdnfirefox%403M.Com:5.3.0.0002
Ff - Prefs.Js..Extensions.Enabledaddons: Artur.Dubovoy%40Gmail.Com:3.9.6
Ff - Prefs.Js..Extensions.Enabledaddons: %7Bada4B710-8346-4B82-8199-5De2B400A6Ae%7D:2.1.2
Ff - Prefs.Js..Extensions.Enabledaddons: Isreaditlater%40Ideashower.Com:3.0.4
Ff - Prefs.Js..Extensions.Enabledaddons: Casechanger%40Plugin:2.0.0.18
Ff - Prefs.Js..Extensions.Enabledaddons: Webbooster%40Iminent.Com:7.36.1.1
Ff - Prefs.Js..Extensions.Enabledaddons: %7B972Ce4C6-7E08-4474-A285-3208198Ce6Fd%7D:23.0.1
Ff - User.Js - File Not Found

Ff:64Bit: - Hklm\Software\Mozillaplugins\@Adobe.Com/Flashplayer: C:\Windows\System32\Macromed\Flash\Npswf64_11_8_800_168.Dll File Not Found
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Genuine: Disabled File Not Found
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Npctrl,Version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\Npctrl.Dll ( Microsoft Corporation)
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Officeauthz,Version=14.0: C:\Progra~1\Micros~2\Office14\Npauthz.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Adobe.Com/Flashplayer: C:\Windows\Syswow64\Macromed\Flash\Npswf32_11_8_800_168.Dll ()
Ff - Hklm\Software\Mozillaplugins\@Foxitsoftware.Com/Foxit Reader Plugin,Version=1.0,Application/Pdf: C:\Program Files (X86)\Foxit Software\Foxit Reader\Plugins\Npfoxitreaderplugin.Dll (Foxit Corporation)
Ff - Hklm\Software\Mozillaplugins\@Foxitsoftware.Com/Foxit Reader Plugin,Version=1.0,Application/Vnd.Fdf: C:\Program Files (X86)\Foxit Software\Foxit Reader\Plugins\Npfoxitreaderplugin.Dll (Foxit Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Genuine: Disabled File Not Found
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Npctrl,Version=1.0: C:\Program Files (X86)\Microsoft Silverlight\5.1.20513.0\Npctrl.Dll ( Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Officeauthz,Version=14.0: C:\Progra~2\Micros~1\Office14\Npauthz.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Sharepoint,Version=14.0: C:\Progra~2\Micros~1\Office14\Npspwrap.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Wlpg,Version=15.4.3502.0922: C:\Program Files (X86)\Windows Live\Photo Gallery\Npwlpg.Dll File Not Found
Ff - Hklm\Software\Mozillaplugins\@Nitropdf.Com/Nitropdf: C:\Program Files (X86)\Nitro\Pro 8\Npnitromozilla.Dll (Nitro Pdf)
Ff - Hklm\Software\Mozillaplugins\@Nvidia.Com/3Dvision: C:\Program Files (X86)\Nvidia Corporation\3D Vision\Npnv3Dv.Dll (Nvidia Corporation)
Ff - Hklm\Software\Mozillaplugins\@Nvidia.Com/3Dvisionstreaming: C:\Program Files (X86)\Nvidia Corporation\3D Vision\Npnv3Dvstreaming.Dll (Nvidia Corporation)
Ff - Hklm\Software\Mozillaplugins\@Tools.Google.Com/Google Update;Version=3: C:\Program Files (X86)\Google\Update\1.3.21.153\Npgoogleupdate3.Dll (Google Inc.)
Ff - Hklm\Software\Mozillaplugins\@Tools.Google.Com/Google Update;Version=9: C:\Program Files (X86)\Google\Update\1.3.21.153\Npgoogleupdate3.Dll (Google Inc.)

Ff - Hkey_Local_Machine\Software\Mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Avast Software\Avast\Webrep\Ff [2013/06/12 18:18:03 | 000,000,000 | ---D | M]
Ff - Hkey_Local_Machine\Software\Mozilla\Mozilla Firefox 23.0.1\Extensions\\Components: C:\Program Files (X86)\Mozilla Firefox\Components
Ff - Hkey_Local_Machine\Software\Mozilla\Mozilla Firefox 23.0.1\Extensions\\Plugins: C:\Program Files (X86)\Mozilla Firefox\Plugins

[2012/10/19 22:29:29 | 000,000,000 | ---D | M] (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Extensions
[2013/09/12 17:37:34 | 000,000,000 | ---D | M] (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions
[2013/09/05 12:21:29 | 000,000,000 | ---D | M] (Reminderfox) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\{Ada4B710-8346-4B82-8199-5De2B400A6Ae}
[2013/09/05 12:21:29 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/04 10:56:38 | 000,332,487 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/05 12:21:29 | 000,027,194 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/04 10:56:38 | 000,355,782 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/02 12:48:27 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Extensions
[2013/08/07 05:22:27 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Browser\Extensions
[2013/08/18 09:56:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (X86)\Mozilla Firefox\Browser\Extensions\{972Ce4C6-7E08-4474-A285-3208198Ce6Fd}
[2013/08/17 06:41:33 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Extensions
[2013/08/17 06:41:30 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Browser\Extensions
[2013/08/17 06:41:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Browser\Extensions\{972Ce4C6-7E08-4474-A285-3208198Ce6Fd}
[2013/07/31 15:58:32 | 000,000,000 | ---D | M] (Post-It® Digital Notes) -- C:\Program Files (X86)\3M\Pdnotes\Pdnfirefoxbookmarkextension
[2013/06/12 18:18:03 | 000,000,000 | ---D | M] (Avast! Online Security) -- C:\Program Files\Avast Software\Avast\Webrep\Ff
File Not Found (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]

========== Chrome ==========

Chr - Homepage:
Chr - Default_Search_Provider: ()
Chr - Default_Search_Provider: Search_Url =
Chr - Default_Search_Provider: Suggest_Url =
Chr - Homepage:

O1 Hosts File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\Sysnative\Drivers\Etc\Hosts
O2:64Bit: - Bho: (Avast! Online Security) - {318A227B-5E9F-45Bd-8999-7F8F10Ca4Cf5} - C:\Program Files\Avast Software\Avast\Aswwebrepie64.Dll (Avast Software)
O2 - Bho: (Avast! Online Security) - {8E5E2654-Ad2D-48Bf-Ac2D-D17F00898D06} - C:\Program Files\Avast Software\Avast\Aswwebrepie.Dll (Avast Software)
O3:64Bit: - Hklm\..\Toolbar: (Avast! Online Security) - {318A227B-5E9F-45Bd-8999-7F8F10Ca4Cf5} - C:\Program Files\Avast Software\Avast\Aswwebrepie64.Dll (Avast Software)
O3 - Hklm\..\Toolbar: (Avast! Online Security) - {8E5E2654-Ad2D-48Bf-Ac2D-D17F00898D06} - C:\Program Files\Avast Software\Avast\Aswwebrepie.Dll (Avast Software)
O4:64Bit: - Hklm..\Run: [Acronis Scheduler2 Service] C:\Program Files (X86)\Common Files\Acronis\Schedule2\Schedhlp.Exe (Acronis)
O4:64Bit: - Hklm..\Run: [Comodo Internet Security] C:\Program Files\Comodo\Comodo Internet Security\Cfp.Exe (Comodo)
O4 - Hklm..\Run: [Acronistibmountermonitor] C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Tibmountermonitor.Exe (Acronis)
O4 - Hklm..\Run: [Avast] C:\Program Files\Avast Software\Avast\Avastui.Exe (Avast Software)
O4 - Hklm..\Run: [Keyscrambler] C:\Program Files (X86)\Keyscrambler\Keyscrambler.Exe (Qfx Software Corporation)
O4 - Hklm..\Run: [Trueimagemonitor.Exe] C:\Program Files (X86)\Acronis\Trueimagehome\Trueimagemonitor.Exe (Acronis)
O4 - Hklm..\Run: [Tvncontrol] C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe (Comodo Security Solutions, Inc.)
O4 - Hkcu..\Run: [Epson Stylus Photo R285 Series (Copy 1)] C:\Windows\System32\Spool\Drivers\X64\3\E_Iaticke.Exe /Fu "C:\Windows\Temp\E_S2B73.Tmp" /Ef "Hkcu" File Not Found
O4 - Hkcu..\Run: [Power Notes] C:\Program Files (X86)\Power Soft\Power Notes\Notes.Exe (Power Soft)
O4 - Hkcu..\Run: [Sandboxiecontrol] C:\Program Files\Sandboxie\Sbiectrl.Exe (Sandboxie L.T.D)
O4 - Hkcu..\Run: [Superantispyware] C:\Program Files\Superantispyware\Superantispyware.Exe (Superantispyware)
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Noactivedesktop = 1
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Noactivedesktopchanges = 1
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Consentpromptbehavioradmin = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Consentpromptbehavioruser = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Enablelua = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Promptonsecuredesktop = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Enablelinkedconnections = 1
O7 - Hkcu\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Nodrivetypeautorun = 145
O8:64Bit: - Extra Context Menu Item: Create A Post-It® Note - C:\Program Files (X86)\3M\Pdnotes\\Psnbookmark.Html ()
O8 - Extra Context Menu Item: Create A Post-It® Note - C:\Program Files (X86)\3M\Pdnotes\\Psnbookmark.Html ()
O1364Bit: - Gopher Prefix: Missing
O13 - Gopher Prefix: Missing
O17 - Hklm\System\Ccs\Services\Tcpip\Parameters: Dhcpnameserver = 192.168.1.254
O17 - Hklm\System\Ccs\Services\Tcpip\Parameters\Interfaces\{A12D1C77-005F-4B80-97Df-5Fcaf46D0B38}: Dhcpnameserver = 192.168.1.254
O18:64Bit: - Protocol\Handler\Ms-Help - No Clsid Value Found
O18:64Bit: - Protocol\Handler\Wlmailhtml - No Clsid Value Found
O20:64Bit: - Appinit_Dlls: (C:\Windows\System32\Guard64.Dll) - C:\Windows\Sysnative\Guard64.Dll (Comodo)
O20 - Appinit_Dlls: (C:\Windows\Syswow64\Guard32.Dll) - C:\Windows\Syswow64\Guard32.Dll (Comodo)
O20:64Bit: - Hklm Winlogon: Shell - (Explorer.Exe) - C:\Windows\Explorer.Exe (Microsoft Corporation)
O20:64Bit: - Hklm Winlogon: Userinit - (C:\Windows\System32\Userinit.Exe) - C:\Windows\Sysnative\Userinit.Exe (Microsoft Corporation)
O20 - Hklm Winlogon: Shell - (Explorer.Exe) - C:\Windows\Syswow64\Explorer.Exe (Microsoft Corporation)
O20 - Hklm Winlogon: Userinit - (Userinit.Exe) - C:\Windows\Syswow64\Userinit.Exe (Microsoft Corporation)
O20:64Bit: - Winlogon\Notify\Gotoassist: Dllname - (C:\Program Files (X86)\Citrix\Gotoassist\570\G2Awinlogon_X64.Dll) - C:\Program Files (X86)\Citrix\Gotoassist\570\G2Awinlogon_X64.Dll (Citrix Online, A Division Of Citrix Systems, Inc.)
O21:64Bit: - Ssodl: Webcheck - {E6Fb5E20-De35-11Cf-9C87-00Aa005127Ed} - No Clsid Value Found.
O21 - Ssodl: Webcheck - {E6Fb5E20-De35-11Cf-9C87-00Aa005127Ed} - No Clsid Value Found.
O22:64Bit: - Sharedtaskscheduler: {1984Dd45-52Cf-49Cd-Ab77-18F378Fea264} - Fencesshellext - C:\Program Files\Stardock\Fences Pro\Fencesmenu64.Dll (Stardock)
O32 - Hklm Cdrom: Autorun - 1
O32 - Autorun File - [2012/02/24 05:02:32 | 000,000,037 | ---- | M] () - G:\Autorun.Inf -- [ Ntfs ]
O34 - Hklm Bootexecute: (Autocheck Autochk *)
O35:64Bit: - Hklm\..Comfile [Open] -- "%1" %*
O35:64Bit: - Hklm\..Exefile [Open] -- "%1" %*
O35 - Hklm\..Comfile [Open] -- "%1" %*
O35 - Hklm\..Exefile [Open] -- "%1" %*
O37:64Bit: - Hklm\...Com [@ = Comfile] -- "%1" %*
O37:64Bit: - Hklm\...Exe [@ = Exefile] -- "%1" %*
O37 - Hklm\...Com [@ = Comfile] -- "%1" %*
O37 - Hklm\...Exe [@ = Exefile] -- "%1" %*
O38 - Subsystems\\Windows: (Serverdll=Winsrv:Userserverdllinitialization,3)
O38 - Subsystems\\Windows: (Serverdll=Winsrv:Conserverdllinitialization,2)
O38 - Subsystems\\Windows: (Serverdll=Sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/13 05:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/09/13 00:12:17 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/09/13 00:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/09/13 00:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Silverlight
[2013/09/12 19:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Windows Live
[2013/09/11 04:06:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Openoffice
[2013/09/10 11:07:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Emoticons_Files
[2013/09/09 15:30:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Restore_Point_Creator
[2013/09/09 14:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Iminent
[2013/09/09 14:45:42 | 000,000,000 | ---D | C] -- C:\Programdata\Dsearchlink
[2013/09/09 14:42:22 | 000,000,000 | ---D | C] -- C:\Programdata\Babylon
[2013/09/09 13:55:40 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
[2013/09/09 13:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Restore Point Creator
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Programdata\Mindgems
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Folder Size
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Folder Size
[2013/09/09 12:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\7-Zip
[2013/09/09 00:14:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Microsoft
[2013/09/09 00:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Msecache
[2013/09/08 23:41:23 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Sharepoint
[2013/09/08 23:41:21 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/09/08 23:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Synchronization Services
[2013/09/08 23:37:15 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Common Files\Designer
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Windows\Pchealth
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Sync Framework
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Sql Server Compact Edition
[2013/09/08 23:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Visual Studio 8
[2013/09/08 23:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/09/08 23:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Analysis Services
[2013/09/08 23:29:01 | 000,000,000 | ---D | C] -- C:\Windows\Shellnew
[2013/09/08 23:28:34 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Microsoft Help
[2013/09/08 23:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Office
[2013/09/08 23:27:41 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft Help
[2013/09/08 23:27:21 | 000,000,000 | Rh-D | C] -- C:\Msocache
[2013/09/08 23:22:27 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/09/08 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/09/08 14:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Teamviewer
[2013/09/07 22:13:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Windows Live
[2013/09/07 10:42:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ps Power Notes
[2013/09/07 10:28:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Acbd3E2C-Fd4B-4D90-B84D-E783E0Ff2009}
[2013/09/07 00:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Power Soft
[2013/09/06 22:27:59 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A37D5577-D614-49E4-B9Cd-327670Bcfdf7}
[2013/09/06 10:27:48 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{F8D17050-6399-4E1E-8D5B-9E860493C2A8}
[2013/09/05 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{34A84D9E-F179-4Ffd-8C76-23A2394Af7A5}
[2013/09/05 10:27:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{38047Fb9-29A5-4Dcc-B5E1-Fef594De3A74}
[2013/09/04 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A722486C-4C35-4F66-Ae44-69Fa4Ded2C1D}
[2013/09/04 21:02:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Epson
[2013/09/04 10:26:30 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2504575F-F1Fb-4669-9819-4Fca32Dc31Ba}
[2013/09/03 22:26:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{F40727B4-69B2-4B1E-A156-Abe04Df5Ff6B}
[2013/09/03 10:25:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4E5Df793-Ab9B-4078-9A0C-916950742C75}
[2013/09/02 22:25:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Ccdfe6F2-3107-4376-9F66-0777425C27A9}
[2013/09/02 14:16:26 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Epson Software
[2013/09/02 14:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Epson Software
[2013/09/02 14:10:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Installshield
[2013/09/02 14:09:56 | 000,000,000 | ---D | C] -- C:\Programdata\Epson
[2013/09/02 14:09:35 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Epson
[2013/09/02 10:25:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C8Ad54C6-457A-4E21-B18E-E228713F40F4}
[2013/09/02 09:24:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Trusteer
[2013/09/02 09:24:12 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
[2013/09/02 09:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Trusteer
[2013/09/02 09:22:12 | 000,000,000 | ---D | C] -- C:\Programdata\Trusteer
[2013/09/01 23:44:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ps Freebie Notes
[2013/09/01 23:37:02 | 000,000,000 | ---D | C] -- C:\Programdata\Power Soft
[2013/09/01 23:36:53 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Power Soft
[2013/09/01 22:24:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A91937B5-8D7D-41C2-9C3E-Bc302B950A0A}
[2013/09/01 10:24:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{640E3A2E-85E5-40A9-9A7B-Bed9449Cb21A}
[2013/08/31 22:24:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{6Eb1770E-32C6-4Db0-8Fd2-1C052B1A2B76}
[2013/08/31 10:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E6D73B56-904D-4Def-9916-0E1C3B61C154}
[2013/08/30 22:24:06 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Bd1Eff2B-1Ba7-4Fa6-9654-008232682Ab7}
[2013/08/30 10:23:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Dbd6Ebcb-8F04-41Bf-A45E-F3Aed8D5D92F}
[2013/08/29 23:41:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Donationcoder
[2013/08/29 23:41:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Donationcoder
[2013/08/29 22:23:33 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{0B5040A5-F3E1-4576-B836-1742Df5Ff7A3}
[2013/08/29 21:19:07 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/08/29 21:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Foxit Software
[2013/08/29 19:27:50 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Screenshotcaptor
[2013/08/29 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Screenshotcaptor
[2013/08/29 19:27:47 | 000,000,000 | ---D | C] -- C:\Programdata\Donationcoder
[2013/08/29 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E360482A-3560-4474-B2F6-7367A0D8C074}
[2013/08/28 23:47:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Acronis
[2013/08/28 23:45:11 | 000,000,000 | ---D | C] -- C:\Programdata\Acronis
[2013/08/28 23:43:46 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Acronis
[2013/08/28 23:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Common Files\Acronis
[2013/08/28 23:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Acronis
[2013/08/28 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{83757A5C-235C-4105-B2Fa-7241Bc1B6B7A}
[2013/08/28 10:22:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{5E47Af30-8Fe3-4378-Ad57-144Dab1F15E3}
[2013/08/27 22:22:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B2D28Cbd-5Eef-4B3B-Af10-C48253Ac5Cdd}
[2013/08/27 10:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ccleaner
[2013/08/27 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4F04Fcfe-Df74-45A6-9211-F25C7Bac9B95}
[2013/08/27 09:11:41 | 000,000,000 | ---D | C] -- C:\Programdata\Vs Revo Group
[2013/08/26 22:21:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{7C12Ad38-F6Ad-440D-Ad04-07B7Cec60611}
[2013/08/26 10:21:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{7323Cd84-392F-4A17-B626-7De5418A4295}
[2013/08/25 22:20:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4505Fa1B-6F01-4372-8643-27C60006E95F}
[2013/08/25 10:20:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{36F503Ee-5A66-4Dc2-88Cf-48609115Fbd0}
[2013/08/24 22:19:45 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{45F05Db2-E47B-4581-B719-1A74D4Fd0Feb}
[2013/08/24 21:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Epson
[2013/08/24 10:19:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{8Ea47Bec-8F87-448C-A943-A462F211801E}
[2013/08/23 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E4C67811-3573-4A0A-A751-0609Da851Db1}
[2013/08/23 10:18:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A6195915-38C9-4C92-B30C-81Fe3Cd5Cc11}
[2013/08/22 22:17:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2290Bb01-5Ad3-41B9-9B53-F00100Dbe756}
[2013/08/22 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B1662E42-A370-4D52-B1E0-A8C8B8C81C95}
[2013/08/22 04:45:34 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Easeus Partition Master 9.2.2
[2013/08/21 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4D5Cb68A-6898-4E64-Be24-277B68A0Cf70}
[2013/08/21 16:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Easeus
[2013/08/21 14:58:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Leadertech
[2013/08/21 14:25:21 | 000,000,000 | ---D | C] -- C:\Programdata\Logishrd
[2013/08/21 14:25:19 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Logitech
[2013/08/21 14:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2013/08/21 10:16:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Fb704710-43F8-444D-A50C-C32Dd973Eb2D}
[2013/08/20 22:15:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{81Cb6196-Bff6-43B4-B571-26827C3D5151}
[2013/08/20 10:15:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{03Aabcc5-7Df9-4D9C-Bb8D-9D6Bbf8E9Bb7}
[2013/08/19 22:14:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C46Fd129-E24A-45Bc-B50C-D5B177Ad22D5}
[2013/08/19 10:14:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{38701Cef-E714-4540-8838-Fb4A43Ed191D}
[2013/08/18 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{41Ac8C81-F10F-48Dc-B14F-F40Bdfc1Be1B}
[2013/08/18 10:13:42 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{8F671648-0Dfc-4Deb-933E-7Baa5283Fa42}
[2013/08/17 22:13:18 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C15B5Ec4-A8Bd-4225-8D4F-F0562B26F728}
[2013/08/17 16:38:18 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Malware Removal Tools
[2013/08/17 10:12:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{1878519C-B229-486E-937A-B64496A6F2D6}
[2013/08/17 02:49:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{6864D03A-Ab6D-45B2-Bcbd-5Dc326B62E22}
[2013/08/17 00:38:29 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Speccy
[2013/08/17 00:36:01 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Nitro Pdf
[2013/08/16 21:35:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System_Files
[2013/08/16 19:33:17 | 000,000,000 | ---D | C] -- C:\Programdata\Genie9
[2013/08/16 14:48:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{073A427D-8871-4D86-8D43-F4Cad8C78Ad1}
[2013/08/16 02:48:31 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B10D7582-Fb6C-42Ea-A577-4650Afa3D82E}
[2013/08/15 14:48:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2Dbe479C-6642-4107-A7C2-35Aafb66D792}
[2013/08/15 03:06:13 | 000,000,000 | ---D | C] -- C:\Windows\Sysnative\Mrt
[2013/08/15 02:47:32 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Fcba86Cb-3C22-4F21-9E95-Bd1Aadbf81Aa}

========== Files - Modified Within 30 Days ==========

[2013/09/13 16:52:02 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.Job
[2013/09/13 16:35:01 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\Googleupdatetaskmachineua.Job
[2013/09/13 14:35:01 | 000,000,890 | ---- | M] () -- C:\Windows\Tasks\Googleupdatetaskmachinecore.Job
[2013/09/13 12:30:38 | 000,020,496 | -H-- | M] () -- C:\Windows\Sysnative\7B296Fb0-376B-497E-B012-9C450E1B7327-5P-1.C7483456-A289-439D-8115-601632D005A0
[2013/09/13 12:30:38 | 000,020,496 | -H-- | M] () -- C:\Windows\Sysnative\7B296Fb0-376B-497E-B012-9C450E1B7327-5P-0.C7483456-A289-439D-8115-601632D005A0
[2013/09/13 12:22:26 | 000,067,584 | --S- | M] () -- C:\Windows\Bootstat.Dat
[2013/09/13 12:22:17 | 2095,308,799 | -Hs- | M] () -- C:\Hiberfil.Sys
[2013/09/13 10:30:37 | 000,004,727 | ---- | M] () -- C:\Users\Mike\Desktop\Everything.Ini
[2013/09/13 09:36:01 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\Superantispyware Scheduled Task D70E1027-9250-4D73-Bc0D-64B2D1Fc2341.Job
[2013/09/13 08:51:28 | 000,001,581 | ---- | M] () -- C:\Users\Mike\Desktop\System Ninja.Exe - Shortcut.Lnk
[2013/09/13 08:30:07 | 002,220,841 | ---- | M] () -- C:\Users\Mike\Desktop\Everything.Db
[2013/09/13 08:24:59 | 000,001,721 | ---- | M] () -- C:\Users\Mike\Desktop\Reminder.Exe - Shortcut.Lnk
[2013/09/13 06:17:12 | 000,001,458 | ---- | M] () -- C:\Users\Mike\Desktop\Windows Live Mail.Lnk
[2013/09/13 02:00:01 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\Superantispyware Scheduled Task 3Be760De-62Ce-40A4-9Dc2-469De9D183Ef.Job
[2013/09/13 00:20:42 | 000,001,674 | ---- | M] () -- C:\Windows\Sandboxie.Ini
[2013/09/12 17:37:51 | 000,000,866 | ---- | M] () -- C:\Windows\Syswow64\Installutil.Installlog
[2013/09/12 13:56:32 | 000,436,432 | ---- | M] () -- C:\Windows\Sysnative\Fntcache.Dat
[2013/09/12 13:08:41 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast! Pro Antivirus.Lnk
[2013/09/12 13:08:32 | 000,000,000 | ---- | M] () -- C:\Windows\Syswow64\Config.Nt
[2013/09/10 23:05:56 | 000,000,000 | -H-- | M] () -- C:\Users\Mike\Documents\Default.Rdp
[2013/09/10 13:44:12 | 000,007,334 | ---- | M] () -- C:\Users\Mike\Desktop\New Opendocument Text.Odt
[2013/09/10 11:07:59 | 000,017,149 | ---- | M] () -- C:\Users\Mike\Desktop\Emoticons.Htm
[2013/09/10 06:56:55 | 000,001,476 | ---- | M] () -- C:\Users\Mike\Desktop\Power-Notes.Lnk
[2013/09/09 13:55:41 | 000,001,167 | ---- | M] () -- C:\Users\Public\Desktop\Restore Point Creator.Lnk
[2013/09/09 12:52:09 | 000,001,042 | ---- | M] () -- C:\Users\Mike\Desktop\Folder Size.Lnk
[2013/09/09 06:53:10 | 000,003,029 | ---- | M] () -- C:\Users\Mike\Desktop\Microsoft Outlook 2010.Lnk
[2013/09/09 00:14:27 | 000,001,135 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.Lnk
[2013/09/09 00:02:26 | 000,734,810 | ---- | M] () -- C:\Windows\Syswow64\Perfstringbackup.Ini
[2013/09/09 00:02:26 | 000,630,928 | ---- | M] () -- C:\Windows\Sysnative\Perfh009.Dat
[2013/09/09 00:02:26 | 000,111,052 | ---- | M] () -- C:\Windows\Sysnative\Perfc009.Dat
[2013/09/08 15:01:10 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Teamviewer 7.Lnk
[2013/09/08 10:34:49 | 000,033,193 | ---- | M] () -- C:\Users\Mike\Appdata\Roaming\Usertile.Png
[2013/09/08 10:12:56 | 000,078,915 | ---- | M] () -- C:\Users\Mike\Desktop\X86B4New Win7.Png
[2013/09/07 22:03:10 | 000,000,020 | ---- | M] () -- C:\Windows\Äød
[2013/09/02 14:16:51 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\Print Cd.Lnk
[2013/08/30 07:49:47 | 000,001,002 | ---- | M] () -- C:\Users\Mike\Desktop\Sandboxed Web Browser.Lnk
[2013/08/30 07:49:47 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Ccleaner Pro.Lnk
[2013/08/30 07:49:47 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.Lnk
[2013/08/30 07:49:46 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Super Antispyware Pro.Lnk
[2013/08/30 07:49:46 | 000,001,458 | ---- | M] () -- C:\Users\Mike\Desktop\Epm_Winpe - Shortcut.Lnk
[2013/08/29 23:41:28 | 000,000,058 | ---- | M] () -- C:\Windows\Syswow64\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 23:41:28 | 000,000,058 | ---- | M] () -- C:\Users\Mike\Appdata\Local\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 21:19:08 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.Lnk
[2013/08/29 19:27:50 | 000,001,107 | ---- | M] () -- C:\Users\Mike\Desktop\Screenshot Captor.Lnk
[2013/08/28 23:43:48 | 000,001,205 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image 2014.Lnk
[2013/08/27 09:20:17 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.Lnk
[2013/08/25 01:18:08 | 000,000,910 | ---- | M] () -- C:\Users\Mike\Desktop\Trusteer - Shortcut.Lnk
[2013/08/25 01:12:30 | 000,000,938 | ---- | M] () -- C:\Users\Mike\Desktop\Keyscrambler - Shortcut.Lnk
[2013/08/22 04:45:34 | 000,001,395 | ---- | M] () -- C:\Users\Public\Desktop\Easeus Partition Master 9.2.2.Lnk
[2013/08/21 14:58:13 | 000,726,316 | ---- | M] () -- C:\Windows\Sysnative\Perfstringbackup.Ini
[2013/08/21 14:23:59 | 000,001,191 | ---- | M] () -- C:\Users\Mike\Desktop\Downloads.Lnk
[2013/08/20 15:54:08 | 000,001,132 | ---- | M] () -- C:\Users\Mike\Documents\Thingstodo.Rtf
[2013/08/19 16:21:43 | 000,003,218 | ---- | M] () -- C:\Users\Mike\Desktop\Avastlicense_16265891.Avastlic
[2013/08/17 16:38:22 | 000,047,977 | ---- | M] () -- C:\Users\Mike\Desktop\Malware Removal Tools .Htm
[2013/08/17 16:36:35 | 000,042,275 | ---- | M] () -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System.Htm
[2013/08/17 10:32:30 | 000,002,019 | ---- | M] () -- C:\Users\Mike\Desktop\Things Todo.Lnk
[2013/08/15 22:47:41 | 000,008,716 | ---- | M] () -- C:\Users\Mike\Documents\Fluid Flow.Rtf

========== Files Created - No Company Name ==========

[2013/09/13 10:30:37 | 000,004,727 | ---- | C] () -- C:\Users\Mike\Desktop\Everything.Ini
[2013/09/13 08:51:28 | 000,001,581 | ---- | C] () -- C:\Users\Mike\Desktop\System Ninja.Exe - Shortcut.Lnk
[2013/09/13 08:30:04 | 002,220,841 | ---- | C] () -- C:\Users\Mike\Desktop\Everything.Db
[2013/09/13 08:24:59 | 000,001,721 | ---- | C] () -- C:\Users\Mike\Desktop\Reminder.Exe - Shortcut.Lnk
[2013/09/13 06:17:12 | 000,001,458 | ---- | C] () -- C:\Users\Mike\Desktop\Windows Live Mail.Lnk
[2013/09/12 19:48:35 | 000,001,458 | ---- | C] () -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.Lnk
[2013/09/10 23:05:56 | 000,000,000 | -H-- | C] () -- C:\Users\Mike\Documents\Default.Rdp
[2013/09/10 13:44:12 | 000,007,334 | ---- | C] () -- C:\Users\Mike\Desktop\New Opendocument Text.Odt
[2013/09/10 11:07:56 | 000,017,149 | ---- | C] () -- C:\Users\Mike\Desktop\Emoticons.Htm
[2013/09/10 06:56:55 | 000,001,476 | ---- | C] () -- C:\Users\Mike\Desktop\Power-Notes.Lnk
[2013/09/09 14:50:10 | 000,000,866 | ---- | C] () -- C:\Windows\Syswow64\Installutil.Installlog
[2013/09/09 13:55:41 | 000,001,167 | ---- | C] () -- C:\Users\Public\Desktop\Restore Point Creator.Lnk
[2013/09/09 12:52:09 | 000,001,042 | ---- | C] () -- C:\Users\Mike\Desktop\Folder Size.Lnk
[2013/09/09 06:53:10 | 000,003,029 | ---- | C] () -- C:\Users\Mike\Desktop\Microsoft Outlook 2010.Lnk
[2013/09/09 00:14:27 | 000,001,135 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.Lnk
[2013/09/09 00:02:26 | 000,734,810 | ---- | C] () -- C:\Windows\Syswow64\Perfstringbackup.Ini
[2013/09/08 15:01:11 | 000,001,178 | ---- | C] () -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Teamviewer 7.Lnk
[2013/09/08 15:01:10 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Teamviewer 7.Lnk
[2013/09/08 10:34:49 | 000,033,193 | ---- | C] () -- C:\Users\Mike\Appdata\Roaming\Usertile.Png
[2013/09/08 10:12:55 | 000,078,915 | ---- | C] () -- C:\Users\Mike\Desktop\X86B4New Win7.Png
[2013/09/07 22:03:09 | 000,000,020 | ---- | C] () -- C:\Windows\Äød
[2013/09/02 14:16:51 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\Print Cd.Lnk
[2013/09/02 14:10:25 | 000,000,097 | ---- | C] () -- C:\Windows\Syswow64\Picsdk.Ini
[2013/09/02 14:10:24 | 000,073,220 | ---- | C] () -- C:\Windows\Syswow64\Eppicprinterdb.Dat
[2013/09/02 14:10:24 | 000,031,053 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern131.Dat
[2013/09/02 14:10:24 | 000,029,114 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern1.Dat
[2013/09/02 14:10:24 | 000,027,417 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern121.Dat
[2013/09/02 14:10:24 | 000,021,021 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern3.Dat
[2013/09/02 14:10:24 | 000,015,670 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern5.Dat
[2013/09/02 14:10:24 | 000,013,280 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern2.Dat
[2013/09/02 14:10:24 | 000,010,673 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern4.Dat
[2013/09/02 14:10:24 | 000,004,943 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern6.Dat
[2013/09/02 14:10:24 | 000,001,140 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Pt.Dat
[2013/09/02 14:10:24 | 000,001,140 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Bp.Dat
[2013/09/02 14:10:24 | 000,001,137 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Es.Dat
[2013/09/02 14:10:24 | 000,001,130 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Fr.Dat
[2013/09/02 14:10:24 | 000,001,130 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Cf.Dat
[2013/09/02 14:10:24 | 000,001,104 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_En.Dat
[2013/09/02 14:10:23 | 000,012,669 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_En.Cfg
[2013/09/02 14:10:23 | 000,006,478 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Pt.Cfg
[2013/09/02 14:10:23 | 000,006,478 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Bp.Cfg
[2013/09/02 14:10:23 | 000,006,366 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Fr.Cfg
[2013/09/02 14:10:23 | 000,006,366 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Cf.Cfg
[2013/09/02 14:10:23 | 000,006,226 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Es.Cfg
[2013/08/30 08:26:58 | 160,223,232 | ---- | C] () -- C:\Users\Mike\Desktop\Easeus_Partition_Master_Image.Iso
[2013/08/29 23:41:28 | 000,000,058 | ---- | C] () -- C:\Windows\Syswow64\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 23:41:28 | 000,000,058 | ---- | C] () -- C:\Users\Mike\Appdata\Local\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 21:19:08 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.Lnk
[2013/08/29 21:19:07 | 000,216,064 | ---- | C] () -- C:\Windows\Syswow64\Gcapi_Dll.Dll
[2013/08/29 19:27:50 | 000,001,107 | ---- | C] () -- C:\Users\Mike\Desktop\Screenshot Captor.Lnk
[2013/08/28 23:43:48 | 000,001,205 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image 2014.Lnk
[2013/08/25 01:18:08 | 000,000,910 | ---- | C] () -- C:\Users\Mike\Desktop\Trusteer - Shortcut.Lnk
[2013/08/25 01:12:30 | 000,000,938 | ---- | C] () -- C:\Users\Mike\Desktop\Keyscrambler - Shortcut.Lnk
[2013/08/22 04:45:34 | 000,001,395 | ---- | C] () -- C:\Users\Public\Desktop\Easeus Partition Master 9.2.2.Lnk
[2013/08/22 04:45:19 | 000,016,256 | ---- | C] () -- C:\Windows\Sysnative\Euepmgdi.Dll
[2013/08/22 04:45:18 | 003,376,640 | ---- | C] () -- C:\Windows\Sysnative\Bootman.Exe
[2013/08/22 04:45:18 | 002,498,216 | ---- | C] () -- C:\Windows\Syswow64\Bootman.Exe
[2013/08/22 04:45:18 | 000,100,936 | ---- | C] () -- C:\Windows\Sysnative\Setupempdrvx64.Exe
[2013/08/22 04:45:18 | 000,087,112 | ---- | C] () -- C:\Windows\Syswow64\Setupempdrv03.Exe
[2013/08/22 04:45:18 | 000,019,840 | ---- | C] () -- C:\Windows\Syswow64\Euepmgdi.Dll
[2013/08/22 04:45:18 | 000,017,480 | ---- | C] () -- C:\Windows\Sysnative\Epmntdrv.Sys
[2013/08/22 04:45:18 | 000,009,800 | ---- | C] () -- C:\Windows\Sysnative\Eugdidrv.Sys
[2013/08/22 04:45:17 | 000,013,896 | ---- | C] () -- C:\Windows\Syswow64\Epmntdrv.Sys
[2013/08/22 04:45:17 | 000,009,160 | ---- | C] () -- C:\Windows\Syswow64\Eugdidrv.Sys
[2013/08/22 03:47:19 | 000,001,458 | ---- | C] () -- C:\Users\Mike\Desktop\Epm_Winpe - Shortcut.Lnk
[2013/08/19 16:21:42 | 000,003,218 | ---- | C] () -- C:\Users\Mike\Desktop\Avastlicense_16265891.Avastlic
[2013/08/17 16:38:17 | 000,047,977 | ---- | C] () -- C:\Users\Mike\Desktop\Malware Removal Tools .Htm
[2013/08/17 10:32:30 | 000,002,019 | ---- | C] () -- C:\Users\Mike\Desktop\Things Todo.Lnk
[2013/08/16 21:35:52 | 000,042,275 | ---- | C] () -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System.Htm
[2013/05/28 16:29:19 | 000,007,636 | ---- | C] () -- C:\Users\Mike\Appdata\Local\Resmon.Resmoncfg
[2012/12/21 03:11:12 | 000,001,674 | ---- | C] () -- C:\Windows\Sandboxie.Ini
[2012/12/05 21:05:32 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.Ini
[2012/11/04 07:42:54 | 000,000,193 | ---- | C] () -- C:\Windows\Wordpad.Ini

========== Zeroaccess Check ==========

[2012/07/14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\{Ada4B710-8346-4B82-8199-5De2B400A6Ae}\Defaults\Printing\Icons\@.Png
[2009/07/14 05:55:00 | 000,000,227 | Rhs- | M] () -- C:\Windows\Assembly\Desktop.Ini

[Hkey_Current_User\Software\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32] /64

[Hkey_Current_User\Software\Classes\Wow6432Node\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32]

[Hkey_Current_User\Software\Classes\Clsid\{Fbeb8A05-Beee-4442-804E-409D6C4515E9}\Inprocserver32] /64

[Hkey_Current_User\Software\Classes\Wow6432Node\Clsid\{Fbeb8A05-Beee-4442-804E-409D6C4515E9}\Inprocserver32]

[Hkey_Local_Machine\Software\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Shell32.Dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Apartment

[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32]
"" = %Systemroot%\System32\Shell32.Dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Apartment

[Hkey_Local_Machine\Software\Classes\Clsid\{5839Fca9-774D-42A1-Acda-D6A79037F57F}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Wbem\Fastprox.Dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Free

[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{5839Fca9-774D-42A1-Acda-D6A79037F57F}\Inprocserver32]
"" = %Systemroot%\System32\Wbem\Fastprox.Dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Free

[Hkey_Local_Machine\Software\Classes\Clsid\{F3130Cdb-Aa52-4C3A-Ab32-85Ffc23Af9C1}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Wbem\Wbemess.Dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Both

[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{F3130Cdb-Aa52-4C3A-Ab32-85Ffc23Af9C1}\Inprocserver32]

========== Lop Check ==========

[2013/09/04 19:33:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\3M
[2013/08/28 23:47:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Acronis
[2013/05/23 16:02:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Avg
[2013/08/29 23:41:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Donationcoder
[2013/05/12 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Downloaded Installations
[2013/09/04 21:02:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Epson
[2013/05/12 00:05:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Fileopen
[2013/04/23 18:30:46 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Foxit Software
[2013/07/26 17:12:44 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Genie9
[2013/08/21 14:58:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Leadertech
[2013/05/12 00:24:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Nitro
[2013/09/06 11:10:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Nitro Pdf
[2013/09/11 04:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Openoffice
[2013/05/12 11:37:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Openoffice.Org
[2013/09/12 13:05:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Qfx Software
[2012/10/20 06:47:37 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Stardock
[2013/09/10 14:28:48 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Teamviewer
[2012/10/21 19:38:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 192 Bytes -> C:\Windows:Nlspreferences
@Alternate Data Stream - 137 Bytes -> C:\Programdata\Temp:0B4227B4

< End Of Report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP