Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ping.exe going nuts, mbam finds nothing...


  • This topic is locked This topic is locked
2 replies to this topic

#1 marksmith14

marksmith14

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:44 AM

Posted 16 December 2013 - 01:33 PM

Hi all

 

I'm Mark, currently using an Acer laptop with Win 7 64 belonging to a friend.

 

I have always managed over the years to remove malware and viruses from PCs but this one has me a bit stumped!

 

I noticed the CPU at 100% and in task manager there were about 5 instances of ping.exe running.

 

I disabled my wifi and scanned with MBAM, Comodo Internet Security and TDSSkiller - none of which found anything and the cpu continued at 100%

 

I then ran Combofix as a last ditch attempt and this stopped all the ping.exe processes.

 

I rescanned with MBAM etc but still nothing found.

 

Then today had a repeat of the whole episode!

 

Here's the OTL Log - I would be really grateful if someone could take a look at it.

 

I hope I have done this right - apologies if not!

 

Thanks in advance

 

Mark

 

------------

 

OTL logfile created on: 16/12/2013 10:40:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Will\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
7.86 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 28.68% Memory free
21.32 Gb Paging File | 8.36 Gb Available in Paging File | 39.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 213.52 Gb Total Space | 57.52 Gb Free Space | 26.94% Space Free | Partition Type: NTFS
Drive D: | 2.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 7.39 Gb Total Space | 4.86 Gb Free Space | 65.77% Space Free | Partition Type: FAT32
Drive F: | 931.28 Gb Total Space | 493.89 Gb Free Space | 53.03% Space Free | Partition Type: FAT32
Drive Y: | 50.02 Gb Total Space | 8.68 Gb Free Space | 17.36% Space Free | Partition Type: NTFS
Drive Z: | 465.65 Gb Total Space | 430.94 Gb Free Space | 92.55% Space Free | Partition Type: FAT
 
Computer Name: WILL-PC | User Name: Will | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013/12/16 10:40:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Will\Downloads\OTL.exe
PRC - [2013/11/20 15:55:39 | 009,079,296 | ---- | M] () -- C:\Program Files (x86)\MultiBit-0.5.15\multibit.exe
PRC - [2013/10/08 06:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
PRC - [2013/09/30 20:56:11 | 001,538,920 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
PRC - [2013/09/20 13:06:24 | 009,837,056 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
PRC - [2013/09/20 13:06:24 | 009,828,864 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
PRC - [2013/09/20 13:06:24 | 000,103,936 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
PRC - [2013/09/07 08:14:38 | 000,055,624 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2013/06/23 18:44:42 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/05/08 21:20:01 | 000,360,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2013/02/15 15:28:54 | 000,601,976 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/02/15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012/03/09 12:30:50 | 000,484,976 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
PRC - [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/07/23 12:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2010/03/28 23:33:38 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/02/22 04:57:06 | 000,406,992 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
PRC - [2009/11/01 23:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/10/01 04:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 04:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/24 23:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/24 23:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/11 05:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/09/11 05:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/04 21:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2007/12/11 14:23:02 | 004,004,288 | ---- | M] (EverNote Corp., 710 Lakeway Dr. #290, Sunnyvale, CA 94086) -- C:\Program Files (x86)\Evernote\Evernote\EverNote.exe
PRC - [2007/03/08 18:48:16 | 001,081,344 | ---- | M] (Pantone & X-Rite) -- C:\Program Files (x86)\Pantone\hueyPRO\hueyPROTray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/12/04 03:54:10 | 000,399,312 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\ppgooglenaclpluginchrome.dll
MOD - [2013/12/04 03:54:09 | 013,586,896 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 03:54:07 | 004,054,992 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\pdf.dll
MOD - [2013/12/04 03:53:17 | 000,715,216 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\libglesv2.dll
MOD - [2013/12/04 03:53:16 | 000,099,792 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\libegl.dll
MOD - [2013/12/04 03:53:14 | 001,634,256 | ---- | M] () -- C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\ffmpegsumo.dll
MOD - [2013/11/20 15:55:39 | 009,079,296 | ---- | M] () -- C:\Program Files (x86)\MultiBit-0.5.15\multibit.exe
MOD - [2013/11/14 18:34:23 | 000,644,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\f768cff12d41654a1b38221aefa48565\HD-Agent.ni.exe
MOD - [2013/11/14 17:49:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/11/14 17:49:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/20 12:50:06 | 000,988,160 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
MOD - [2013/09/17 03:54:38 | 000,303,616 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
MOD - [2013/09/17 03:54:38 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
MOD - [2013/09/17 03:54:38 | 000,136,192 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
MOD - [2013/09/11 13:19:06 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/08/18 21:35:38 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\4ba7f6b7f913674357934532e7e87ef7\JSON.ni.dll
MOD - [2013/08/18 19:43:58 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/18 19:43:27 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/18 19:43:17 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 11:10:49 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\de6ee26de5e4f343509de7e92ab48ba6\CustomMarshalers.ni.dll
MOD - [2013/07/11 10:30:28 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/07/11 10:28:53 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/11/29 21:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/03/09 12:30:50 | 000,484,976 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 01:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010/03/28 23:33:38 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2010/02/22 04:50:20 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
MOD - [2009/02/27 20:52:56 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
MOD - [2009/02/03 01:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/01/18 23:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll
MOD - [2007/12/11 14:22:40 | 000,117,184 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\ENImaDLL.dll
MOD - [2007/11/06 16:20:48 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\ANR\9\Gate_T.dll
MOD - [2007/11/06 16:20:34 | 000,352,256 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\ANR\9\OnlMerge.dll
MOD - [2007/11/06 16:19:14 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/10/20 01:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/09/24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/29 01:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/18 17:14:32 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Windows\SysNative\spool\drivers\x64\3\OPHQLDCS.EXE -- (OKI OPHQ DCS Loader)
SRV:64bit: - [2009/09/30 13:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 02:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/07/17 15:37:52 | 002,549,248 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2013/12/12 12:50:40 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/12/12 12:50:14 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/12/11 08:03:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/12 09:41:29 | 000,381,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe -- (SynoDrService)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/12 15:01:24 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/15 15:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/02/15 15:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012/06/08 11:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/07/23 12:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/03/18 17:14:32 | 000,020,480 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\OPHQLDCS.EXE -- (OKI OPHQ DCS Loader)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/29 23:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/10/01 04:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 04:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/24 23:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 05:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/12/12 12:50:20 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/09/24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013/09/09 17:46:50 | 000,055,776 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busenum.sys -- (busenum)
DRV:64bit: - [2013/03/29 02:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/03/29 02:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/03/29 01:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/02/14 11:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/02/12 04:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 14:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/08 11:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/06/08 11:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/24 23:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011/08/01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/12 16:09:20 | 000,415,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011/07/12 13:02:28 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/07/12 13:02:22 | 000,220,032 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/03/24 07:53:02 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/24 07:53:00 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 12:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/11 11:43:56 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009/11/06 20:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/14 18:08:34 | 000,036,760 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/09/18 04:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/13 19:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/06 12:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/07/22 22:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/25 02:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/20 02:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/10 20:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 20:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 13:57:38 | 000,129,536 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)
DRV:64bit: - [2009/06/04 13:57:38 | 000,088,576 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsbus.sys -- (GTUHSBUS)
DRV:64bit: - [2009/06/04 13:57:38 | 000,010,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsser.sys -- (GTUHSSER)
DRV:64bit: - [2009/06/03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/03/27 17:50:12 | 000,128,512 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2008/02/11 15:57:10 | 000,070,272 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2007/08/29 14:53:00 | 000,062,976 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122Wdmx64.sys -- (US122WdmService)
DRV:64bit: - [2007/08/29 14:52:46 | 000,020,224 | ---- | M] (Frontier Design Group) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122DLx64.sys -- (US122DL)
DRV:64bit: - [2007/08/29 14:52:36 | 000,200,320 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\US122x64.sys -- (US122)
DRV:64bit: - [2007/08/06 13:32:42 | 000,314,880 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2013/05/28 22:03:01 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2013/02/15 15:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5740&r=27360510h116l0418z105t45k1d240
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5740&r=27360510h116l0418z105t45k1d240
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5740&r=27360510h116l0418z105t45k1d240
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5740&r=27360510h116l0418z105t45k1d240
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5740&r=27360510h116l0418z105t45k1d240
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18865
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/firefox"
FF - prefs.js..extensions.enabledAddons: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.8.12
FF - prefs.js..extensions.enabledAddons: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.5.5
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.5
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.7.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@hypercosm.com/HypercosmPlayer: C:\Program Files (x86)\Hypercosm\Hypercosm Player\components\nphypercosm.dll (Hypercosm LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Photosynth,version=2.0: C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Will\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Will\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/14 09:55:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/14 09:55:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Will\AppData\Roaming\IDM\idmmzcc3
 
[2011/02/24 16:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will\AppData\Roaming\Mozilla\Extensions
[2010/12/08 02:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2013/08/12 15:02:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\itf1vas1.default\extensions
[2013/08/12 15:02:33 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\itf1vas1.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2013/08/12 15:02:34 | 000,399,504 | ---- | M] () (No name found) -- C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\itf1vas1.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2013/08/12 15:02:40 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\itf1vas1.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2013/08/12 15:01:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/12 15:01:24 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/08/12 15:01:21 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/08/24 12:18:18 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/08/12 15:01:21 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/08/12 15:01:21 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2013/08/12 15:01:21 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2013/08/12 15:01:21 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2013/08/12 15:01:21 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Will\AppData\Local\Google\Chrome\Application\32.0.1700.41\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Hypercosm Player (Enabled) = C:\Program Files (x86)\Hypercosm\Hypercosm Player\components\nphypercosm.dll
CHR - plugin:  (Enabled) = C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Google Cache Continue Redux = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\anijpdgcfbjmjlhodolmgcmohoogoeek\0.5_0\
CHR - Extension: YouTube = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: DuckDuckGo for Chrome = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao\42.5.15_0\
CHR - Extension: Google Search = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Session Buddy = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.4_0\
CHR - Extension: SeoQuake Lite = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdebajliaokjigkhnddejphjblbdhifm\1.0.9_0\
CHR - Extension: Bulk Download Images(ZIG) = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjhimhkjmipphnaminnnnjpnlneeplk\2013.11.11_0\
CHR - Extension: Referer Control = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin\0.48_0\
CHR - Extension: bitly | \u2665  your bitmarks = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.94_0\
CHR - Extension: Disconnect = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.10.4_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0\
CHR - Extension: Instant Image Editor = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflilpkdgadcajfcafmefmndemaafcfe\1.1_1\
CHR - Extension: StayFocusd = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.4.7_0\
CHR - Extension: NaturalReader Text to Speech = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpffgiekkmdfnmknoollbedhaabacpgg\2.2_0\
CHR - Extension: Google Wallet = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
CHR - Extension: SEO for Chrome = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: LogMeIn = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon\1.0.0.1037_0\
CHR - Extension: Gmail = C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2011/10/20 02:50:51 | 000,001,125 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 4tube.com
O1 - Hosts: 127.0.0.1 worldsex.com
O1 - Hosts: 127.0.0.1 pornstarbook.com
O1 - Hosts: 127.0.0.1 freeones.com
O1 - Hosts: 127.0.0.1 spankwire.com
O1 - Hosts: 127.0.0.1 xvideos.com
O1 - Hosts: 127.0.0.1 kuntfutube.com
O1 - Hosts: 127.0.0.1 eskimotube.com
O1 - Hosts: 127.0.0.1 redtube.com
O1 - Hosts: 127.0.0.1 pornotube.com
O1 - Hosts: 127.0.0.1 porntube.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [BitTorrent Sync] C:\Program Files (x86)\BitTorrent Sync\BTSync.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk =  File not found
O4 - Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Will\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download Flash with Flash &Grabber - C:\Program Files (x86)\Flash Grabber\swfgrab.dll (Easy Software)
O8 - Extra context menu item: Download Flash with Flash &Grabber - C:\Program Files (x86)\Flash Grabber\swfgrab.dll (Easy Software)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://www.madonion.com/virtualmark/tc/FMSI.cab (Futuremark SystemInfo)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2277BCFC-B7C5-4699-BA2A-D1521BEFB788}: NameServer = 88.82.13.12 88.82.13.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D1234E2-A5FF-4CBF-933E-2F5D76B2CC0D}: NameServer = 88.82.13.44 88.82.13.44
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4485FB93-C2E9-4EF8-A045-28786192D408}: NameServer = 88.82.13.12 88.82.13.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{955D0A0D-9BA4-46A2-8546-9CDD70933403}: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DCCD5A8-6B95-4F9F-9B6E-3146ACDCC516}: NameServer = 88.82.13.28 88.82.13.28
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD2C74C1-BB2F-4F10-A010-3E2E96F20325}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD2C74C1-BB2F-4F10-A010-3E2E96F20325}: NameServer = 8.26.56.26,156.154.70.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/09 19:18:19 | 000,000,040 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{215c7f9e-ef82-11e0-84c9-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{215c7f9e-ef82-11e0-84c9-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{215c8089-ef82-11e0-84c9-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{215c8089-ef82-11e0-84c9-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{551f24c9-09e4-11e3-86c7-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{551f24c9-09e4-11e3-86c7-00262d9a1c39}\Shell\AutoRun\command - "" = F:\SetupWi-Fi.exe
O33 - MountPoints2\{551f256b-09e4-11e3-86c7-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{551f256b-09e4-11e3-86c7-00262d9a1c39}\Shell\AutoRun\command - "" = SetupWi-Fi.exe
O33 - MountPoints2\{57a57fe4-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a57fe4-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57a5802a-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a5802a-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57a58145-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a58145-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57a58150-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a58150-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57a5815c-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a5815c-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{57a5816f-d552-11e0-84fa-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{57a5816f-d552-11e0-84fa-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5ea7dff4-ea92-11e0-9299-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{5ea7dff4-ea92-11e0-9299-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5ea7e008-ea92-11e0-9299-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{5ea7e008-ea92-11e0-9299-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{66e2fef4-0e97-11e0-bbe1-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{66e2fef4-0e97-11e0-bbe1-00262d9a1c39}\Shell\AutoRun\command - "" = H:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b3135f0-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b3135f0-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b313605-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b313605-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b31366e-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b31366e-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b3137c1-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b3137c1-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b3137e3-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b3137e3-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b313895-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b313895-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6b3138b1-ea9c-11e0-b7c3-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6b3138b1-ea9c-11e0-b7c3-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6c3e1333-27a3-11e0-bcb0-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{6c3e1333-27a3-11e0-bcb0-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{853cdfc3-bf6f-11e1-aef1-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{853cdfc3-bf6f-11e1-aef1-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{89bf05fe-ff10-11df-832e-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{89bf05fe-ff10-11df-832e-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{89bf0620-ff10-11df-832e-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{89bf0620-ff10-11df-832e-00262d9a1c39}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7a1907e-f7f2-11e0-8f61-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{b7a1907e-f7f2-11e0-8f61-00262d9a1c39}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7a1923b-f7f2-11e0-8f61-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{b7a1923b-f7f2-11e0-8f61-001e101f8924}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7a19246-f7f2-11e0-8f61-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{b7a19246-f7f2-11e0-8f61-001e101f8924}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b7a19543-f7f2-11e0-8f61-001e101f8924}\Shell - "" = AutoRun
O33 - MountPoints2\{b7a19543-f7f2-11e0-8f61-001e101f8924}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{cfef3d89-e2df-11e1-aef1-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{cfef3d89-e2df-11e1-aef1-00262d9a1c39}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{dae855e6-28c8-11e2-ba48-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{dae855e6-28c8-11e2-ba48-00262d9a1c39}\Shell\AutoRun\command - "" = F:\SetupWi-Fi.exe
O33 - MountPoints2\{ff984c2a-ea74-11e0-bf1d-00262d9a1c39}\Shell - "" = AutoRun
O33 - MountPoints2\{ff984c2a-ea74-11e0-bf1d-00262d9a1c39}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/16 10:36:56 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{794AC3C8-5232-47A4-BD3E-DBBEE7B17A7C}
[2013/12/16 02:50:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/12/16 02:49:58 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/12/15 22:36:28 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{00D15D0C-90B0-4290-9344-00842C63F48A}
[2013/12/15 18:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013/12/15 18:30:19 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\Canneverbe Limited
[2013/12/15 18:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013/12/15 17:34:44 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\LogMeIn Client
[2013/12/15 10:36:14 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{5713C491-2BA6-40EC-BD27-25ADA56E86A4}
[2013/12/14 22:35:52 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{4B62CC77-38D6-4C88-A30D-AB70A3CB7B10}
[2013/12/14 10:35:41 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{607B72C0-6202-4669-958E-C02567E89CEE}
[2013/12/13 22:35:25 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{CA98F376-DC1E-40DE-8AEA-5155E6ECA607}
[2013/12/13 10:35:14 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{5E06274F-23F5-461F-9D9A-4661F1ABAFEE}
[2013/12/12 22:34:52 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{D7F4B7B0-C11F-4ACF-8DAD-A41DD065BE2E}
[2013/12/12 10:34:31 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{FA124F69-D65C-4266-B730-2F5D11BFA569}
[2013/12/11 22:34:16 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{5FE0E712-F330-4866-865A-89D427D2F36A}
[2013/12/11 12:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/11 10:33:54 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{D739B43F-071C-422E-909E-D3662D4B7201}
[2013/12/10 22:33:32 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{812BCD6B-6E51-4B13-96AC-CA8978B713EA}
[2013/12/10 10:33:09 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{8CCB955F-1DE6-4684-9415-1CE43EE4C3B1}
[2013/12/09 22:32:52 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{FDB55095-56F7-4437-AD17-FF5B168243E4}
[2013/12/09 18:42:47 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\Audacity
[2013/12/09 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013/12/09 10:13:00 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{00B187B5-57B4-448E-B752-22678E3D4A5A}
[2013/12/09 00:01:29 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\MultiBit
[2013/12/09 00:00:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MultiBit-0.5.15
[2013/12/09 00:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit
[2013/12/08 23:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
[2013/12/08 23:46:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU Temp
[2013/12/08 22:12:57 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{C264E95E-0DC3-4739-8BB8-E57360471A17}
[2013/12/08 10:12:35 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{A8E7DD37-9610-4C8A-8D1E-C830E093FDA2}
[2013/12/07 22:12:12 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{1854229D-3F1F-441D-9081-FEAA897C6F6B}
[2013/12/07 10:12:00 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{7258A17E-BE47-408A-A248-8F97F2736B42}
[2013/12/06 22:11:46 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{E7513F06-12D1-49F3-965B-92F5FC9EE14A}
[2013/12/06 19:02:33 | 000,000,000 | ---D | C] -- C:\Users\Will\Documents\J Comp
[2013/12/06 10:11:24 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{2BBC67F1-6E1C-4AE2-A407-65AA3F16249A}
[2013/12/05 22:11:10 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{96CACB8B-6BBC-4FDF-B923-0AB1152EF6E3}
[2013/12/05 17:21:04 | 000,000,000 | ---D | C] -- C:\Users\Will\Documents\Making Waves Installer and samples
[2013/12/05 15:25:35 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer
[2013/12/05 10:10:55 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{68810131-D2B0-44A0-BE40-AB3F60308F18}
[2013/12/04 22:10:33 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{FA64D4D8-243C-4D3C-AFC8-EC4470F2E900}
[2013/12/04 10:09:11 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{BA0D7B35-0EF4-474B-BFE5-369CEB507ABE}
[2013/12/03 22:08:56 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{ED6527B5-B17B-4759-B65D-F21B122C51C5}
[2013/12/03 10:08:39 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{EFDB55E5-657B-455C-B465-E3311D5AD582}
[2013/12/02 22:08:25 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{2527F729-E2A1-46A3-9D91-2A7F26BBDC93}
[2013/12/02 10:08:10 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{EF61DB96-1516-4B2B-BF3A-F074DBBCCA87}
[2013/12/01 22:07:54 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{EA772FE0-5620-4E05-B32D-E2F58B5F4B76}
[2013/12/01 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{0FD8358A-362C-4140-96D6-D403529A26D5}
[2013/11/30 22:07:12 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{80E31E02-C2F5-45FB-80EC-CD7536BBEA33}
[2013/11/30 10:07:03 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{2A864870-6DB2-4A61-91E3-CE0E06298FBD}
[2013/11/29 22:06:33 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{D809CE3C-53E5-4B57-B4C7-5A35B32E6079}
[2013/11/29 14:01:32 | 000,000,000 | ---D | C] -- C:\Users\Will\Documents\Customer Projects 2014
[2013/11/29 12:49:23 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2013/11/29 10:05:58 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{E6F3F4E2-046A-4785-A16E-0C27D9135D76}
[2013/11/28 13:06:03 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{4D157C24-2397-4974-AFEC-12B4D896FE0B}
[2013/11/28 01:05:38 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{70654EAC-6008-437E-9CF9-BCF43F9B13BA}
[2013/11/27 17:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013/11/27 17:35:53 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013/11/27 17:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013/11/27 13:04:14 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{5FD06F6A-7888-4C57-99EA-43B8E834A734}
[2013/11/27 01:03:59 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{A5B15179-833D-44E7-8A33-7E8DE93897C7}
[2013/11/26 21:26:34 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\86177052.sys
[2013/11/26 13:03:37 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{C8202C9E-1F02-48D3-BA53-D6F667B33211}
[2013/11/26 01:03:15 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{274B45CC-349C-4DAA-AE0F-7C6BEA4D9D96}
[2013/11/25 13:03:03 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{9620507B-CFD7-4323-AF1E-C6D7BF9E30D3}
[2013/11/25 01:02:40 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{90EFB6E9-F713-4674-80C8-535B68E432D3}
[2013/11/24 13:02:18 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{8CEF65A2-6F13-4A1E-A9CB-735D2080CA36}
[2013/11/24 01:02:14 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{2FDB5E31-0EF4-42FC-BBBA-999BE00F44C6}
[2013/11/23 13:02:00 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{91B2EFDB-9198-4DE5-A414-077F9E6AD5D8}
[2013/11/23 01:01:45 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{A270FF6E-17F3-497A-B070-CEE1EEE11F28}
[2013/11/22 13:01:23 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{597D760F-D53C-4D31-9133-098639098701}
[2013/11/22 01:01:08 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{BBAFA266-1EF9-43BA-B9A4-12DB77AD4E11}
[2013/11/21 13:00:54 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{ADE72758-D7A5-4E33-AE8C-7D9FFD09D317}
[2013/11/21 01:00:32 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{C9CB687E-B82B-42D6-9B42-74774AF3BCD1}
[2013/11/20 13:00:09 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{B8B3EF1B-EE4B-4D04-A6A2-BE485574CFF0}
[2013/11/20 01:00:06 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{883542F0-6EC5-426A-9280-5C2682341D00}
[2013/11/19 13:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/19 13:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/19 13:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/19 13:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/19 13:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/19 12:59:44 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{AAD9E1CE-A4F9-44D8-9DF2-B3D2B5FB2E5F}
[2013/11/19 00:59:30 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{0DDD9B25-A4D6-43C4-8882-80A56DD4C630}
[2013/11/18 12:59:06 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{A6CDD207-9C7F-41C0-83F1-CAF63611F93D}
[2013/11/18 00:58:46 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{621C46AF-B1CA-46AD-95BA-BE6312ECBE2F}
[2013/11/17 12:58:24 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{D441B0DC-3AB3-4CC6-86CB-EA17FD0E91DB}
[2013/11/17 00:58:03 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{8B2CF9C2-5BBE-422F-BCCF-112557CDCE06}
[2013/11/16 12:57:41 | 000,000,000 | ---D | C] -- C:\Users\Will\AppData\Local\{2E008728-5BFE-47B1-84E4-72353BCA6C1F}
[2011/08/24 12:15:55 | 002,081,832 | ---- | C] (DownVision                                                  ) -- C:\Users\Will\AppData\Local\setup.exe
[2009/11/05 03:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[3 C:\Users\Will\Documents\*.tmp files -> C:\Users\Will\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/12/16 10:47:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191988764-3146026481-2413432723-1001UA.job
[2013/12/16 10:45:02 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013/12/16 10:34:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/16 10:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/16 02:34:07 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/15 20:47:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191988764-3146026481-2413432723-1001Core.job
[2013/12/15 18:30:17 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013/12/13 21:22:00 | 000,003,301 | ---- | M] () -- C:\Windows\Sage.ini
[2013/12/13 09:53:48 | 000,000,640 | ---- | M] () -- C:\Windows\SysWow64\SGLCH32.USR
[2013/12/13 09:53:48 | 000,000,124 | ---- | M] () -- C:\Windows\SysWow64\SageInformer50.ssf
[2013/12/13 00:35:12 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/13 00:35:12 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/12 12:50:20 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/12/12 12:50:15 | 000,092,488 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/12/12 12:50:15 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/12/09 18:42:42 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2013/12/09 00:01:22 | 000,007,664 | ---- | M] () -- C:\Users\Will\AppData\Local\Resmon.ResmonCfg
[2013/12/09 00:00:05 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\MultiBit 0.5.15.lnk
[2013/12/06 22:54:44 | 003,250,763 | ---- | M] () -- C:\Users\Will\Documents\SWL CONTRACT.pdf
[2013/12/05 15:57:45 | 000,730,532 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/05 15:57:45 | 000,631,816 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/05 15:57:45 | 000,111,908 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/05 12:04:37 | 000,001,124 | ---- | M] () -- C:\Windows\SGREP32.INI
[2013/12/04 19:18:59 | 000,002,275 | ---- | M] () -- C:\Users\Will\AppData\Roaming\SAS7_000.DAT
[2013/11/29 21:34:16 | 002,424,832 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/11/29 21:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/29 21:34:06 | 2037,776,383 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/29 21:33:38 | 000,118,200 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013/11/27 20:25:41 | 000,011,286 | ---- | M] () -- C:\Users\Will\Desktop\CisReport_v6.3.301686.2974_20131127-202536.zip
[2013/11/27 18:21:11 | 000,029,980 | ---- | M] () -- C:\cc_20131127_182106.reg
[2013/11/27 17:37:00 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2013/11/27 17:36:57 | 000,000,597 | ---- | M] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/11/26 21:26:34 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\86177052.sys
[2013/11/19 13:30:02 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[3 C:\Users\Will\Documents\*.tmp files -> C:\Users\Will\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/12/15 18:30:17 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013/12/15 18:30:17 | 000,001,907 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013/12/09 18:42:42 | 000,001,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013/12/09 18:42:42 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2013/12/09 00:00:05 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\MultiBit 0.5.15.lnk
[2013/12/06 22:54:36 | 003,250,763 | ---- | C] () -- C:\Users\Will\Documents\SWL CONTRACT.pdf
[2013/11/29 12:49:22 | 000,118,200 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013/11/28 15:21:24 | 000,000,157 | ---- | C] () -- C:\Users\Will\Documents\signature.html
[2013/11/27 20:25:40 | 000,011,286 | ---- | C] () -- C:\Users\Will\Desktop\CisReport_v6.3.301686.2974_20131127-202536.zip
[2013/11/27 18:21:09 | 000,029,980 | ---- | C] () -- C:\cc_20131127_182106.reg
[2013/11/27 17:37:00 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2013/11/27 17:36:57 | 000,000,597 | ---- | C] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/11/19 13:30:02 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/29 14:37:36 | 000,000,014 | ---- | C] () -- C:\Users\Will\AppData\Roaming\bnej.shareclip.recentitems.ff
[2013/03/29 02:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/29 02:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012/11/27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/08/09 12:55:28 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2012/08/01 09:57:32 | 000,000,044 | ---- | C] () -- C:\Users\Will\AppData\Roaming\Opusbext.dat
[2012/07/30 08:53:48 | 005,445,617 | ---- | C] () -- C:\Windows\aapt.exe
[2012/06/26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/06/26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/06/26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/06/26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/05/17 16:18:58 | 000,000,132 | ---- | C] () -- C:\Users\Will\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/02/15 02:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/15 02:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/06 20:01:14 | 000,038,448 | ---- | C] () -- C:\Users\Will\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/07/27 14:34:11 | 000,000,000 | ---- | C] () -- C:\Users\Will\AppData\Local\{0635EF3D-6AFC-4355-A5D5-E31A38C53C1A}
[2011/07/25 14:35:10 | 000,000,000 | ---- | C] () -- C:\Users\Will\AppData\Local\{23F0766D-C2E1-429E-92FB-28DC98AC3F9D}
[2011/07/24 10:42:00 | 000,000,000 | ---- | C] () -- C:\Users\Will\AppData\Local\{0471CD78-7662-409B-8F2E-18233003ACD5}
[2011/07/08 12:50:49 | 000,000,132 | ---- | C] () -- C:\Users\Will\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/05/03 10:28:02 | 000,000,036 | ---- | C] () -- C:\Users\Will\AppData\Local\housecall.guid.cache
[2011/05/02 00:43:04 | 000,000,132 | ---- | C] () -- C:\Users\Will\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/03/14 19:30:34 | 000,002,275 | ---- | C] () -- C:\Users\Will\AppData\Roaming\SAS7_000.DAT
[2011/03/14 12:07:01 | 000,007,664 | ---- | C] () -- C:\Users\Will\AppData\Local\Resmon.ResmonCfg
[2011/03/01 15:33:30 | 000,001,456 | ---- | C] () -- C:\Users\Will\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/02/16 21:03:17 | 000,072,080 | ---- | C] () -- C:\Users\Will\g2mdlhlpx.exe
[2011/02/02 15:47:03 | 000,000,042 | ---- | C] () -- C:\Users\Will\RoomEQWizardV5-Path
[2010/12/15 00:34:25 | 002,741,127 | ---- | C] () -- C:\Users\Will\.websiteauditor.properties
[2010/12/12 22:42:21 | 000,340,371 | ---- | C] () -- C:\Users\Will\.ranktracker.properties
[2010/12/12 22:08:28 | 000,534,205 | ---- | C] () -- C:\Users\Will\.linkassistant.properties
[2010/12/08 21:02:21 | 000,005,970 | ---- | C] () -- C:\Users\Will\AppData\Local\ssc5h.xml
[2010/12/08 02:58:22 | 000,662,948 | ---- | C] () -- C:\Users\Will\.spyglass.properties
[2010/12/07 00:26:46 | 000,005,632 | ---- | C] () -- C:\Users\Will\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2010/05/19 15:17:56 | 000,000,000 | -HSD | M] -- C:\Users\Will\AppData\Roaming\.#
[2013/12/09 20:10:05 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Audacity
[2010/07/26 19:28:51 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2013/12/08 23:25:04 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Bitcoin
[2013/12/16 10:30:02 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\BitTorrent Sync
[2011/11/06 23:47:17 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Broadlook Technologies
[2013/12/15 18:30:19 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Canneverbe Limited
[2011/02/03 22:58:54 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/03 17:14:15 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\CoffeeCup Software
[2011/10/30 04:17:15 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/05/31 09:05:36 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\DMCache
[2013/12/16 01:00:00 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Dropbox
[2013/12/04 19:17:20 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\FileZilla
[2011/04/27 12:35:44 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\G-Lock Software
[2010/05/19 15:08:52 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\GameConsole
[2013/01/28 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\HandBrake
[2011/02/11 18:57:16 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Hypercosm
[2011/02/22 15:43:46 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\IrfanView
[2011/06/27 17:25:17 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\MixUp
[2010/12/06 13:32:25 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\MountainDesk
[2013/12/16 01:59:52 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\MultiBit
[2011/03/02 22:56:12 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Notepad++
[2011/03/14 11:43:55 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Nuance
[2013/10/17 14:01:38 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\OpenOffice
[2013/08/12 18:31:02 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Oracle
[2013/11/14 18:16:12 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Pantone
[2011/02/11 18:04:12 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\preFab
[2013/12/05 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\PrimoPDF
[2010/09/17 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\REAPER
[2012/07/23 23:29:59 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Samsung
[2011/06/27 15:13:07 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Spacehead
[2013/07/11 10:03:43 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Spotify
[2010/09/28 11:44:16 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/10/30 16:10:46 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\TeamViewer
[2012/02/10 15:19:20 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Tracker Software
[2010/12/01 20:30:05 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Trillian
[2011/02/02 14:28:42 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Tube Groove
[2012/05/15 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Universal SQL Editor
[2013/09/26 00:46:11 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\uTorrent
[2010/12/03 19:18:49 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Vodafone
[2010/12/01 11:38:30 | 000,000,000 | ---D | M] -- C:\Users\Will\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 749 bytes -> C:\Users\Will\Desktop\TapeOp.com V4 is live.eml:OECustomProperty
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:DED17083
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F35A93AD
 
< End of report >
 

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 PM

Posted 21 December 2013 - 01:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/517661 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 PM

Posted 26 December 2013 - 01:40 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users