
I have Trojan.0Access and I can't get rid of it!



OTL logfile created on: 16/07/2013 3:58:37 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\josh\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

 

3.25 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 54.44% Memory free

6.71 Gb Paging File | 5.05 Gb Available in Paging File | 75.20% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 581.11 Gb Total Space | 77.09 Gb Free Space | 13.27% Space Free | Partition Type: NTFS

Drive D: | 15.00 Gb Total Space | 9.74 Gb Free Space | 64.91% Space Free | Partition Type: NTFS

Unable to calculate disk information.

 

Computer Name: WILLIAMS-PC | User Name: josh | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2013/07/11 19:44:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\josh\Desktop\OTL.exe

PRC - [2013/07/10 11:56:20 | 001,672,616 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam2\Steam.exe

PRC - [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2013/05/28 23:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe

PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe

PRC - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe

PRC - [2012/11/17 06:45:20 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe

PRC - [2012/11/17 06:44:46 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe

PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe

PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe

PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe

PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe

PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe

PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe

PRC - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE

PRC - [2011/12/16 16:51:54 | 001,778,176 | ---- | M] () -- C:\Program Files\FreeWordHelper\FreeWordHelperUpdt.exe

PRC - [2010/09/03 16:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe

PRC - [2009/08/24 08:43:18 | 001,890,304 | ---- | M] (SoftPerfect Research) -- C:\Program Files\NetWorx\networx.exe

PRC - [2009/06/03 13:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe

PRC - [2009/04/11 16:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/09 18:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2009/01/30 02:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe

PRC - [2009/01/13 20:32:52 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

PRC - [2008/03/18 02:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

PRC - [2008/01/21 12:24:43 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2013/05/17 07:53:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll

MOD - [2013/05/17 07:49:42 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll

MOD - [2013/05/17 07:49:21 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2673a8a481ae675588349b79b521cec1\PresentationFramework.ni.dll

MOD - [2013/05/17 07:49:03 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a3968930e9e2ae833447b0a280082073\PresentationCore.ni.dll

MOD - [2013/05/17 07:48:40 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fe2a238282c6fedc2a21b3dd25885437\WindowsBase.ni.dll

MOD - [2013/02/16 16:33:59 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll

MOD - [2013/02/16 16:33:49 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\d186bf251ae14af93b3a943d472ee9f5\System.Web.Services.ni.dll

MOD - [2013/01/11 02:39:53 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll

MOD - [2013/01/11 02:37:48 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll

MOD - [2013/01/11 02:37:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll

MOD - [2013/01/11 02:37:20 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll

MOD - [2013/01/11 02:36:52 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll

MOD - [2013/01/11 02:35:36 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll

MOD - [2013/01/11 02:35:24 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll

MOD - [2012/11/17 05:37:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll

MOD - [2012/11/16 15:09:18 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

MOD - [2012/06/19 01:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll

MOD - [2011/11/01 22:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/11/01 22:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2009/07/02 01:50:31 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:31 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:31 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:31 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:31 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:31 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:31 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:30 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:30 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:30 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:30 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:30 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:30 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll

MOD - [2009/07/02 01:50:30 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll

MOD - [2009/07/02 01:50:30 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:30 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:29 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll

MOD - [2009/07/02 01:50:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll

MOD - [2009/07/02 01:50:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll

MOD - [2009/07/02 01:50:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll

MOD - [2009/07/02 01:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll

MOD - [2009/07/02 01:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll

MOD - [2009/07/02 01:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll

MOD - [2009/07/02 01:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll

MOD - [2009/07/02 01:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll

MOD - [2009/07/02 01:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll

MOD - [2009/07/02 01:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll

MOD - [2009/07/02 01:50:29 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll

MOD - [2009/07/02 01:50:28 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll

MOD - [2009/07/02 01:50:28 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll

MOD - [2009/07/02 01:50:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll

MOD - [2009/07/02 01:50:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll

MOD - [2009/07/02 01:50:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll

MOD - [2009/07/02 01:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll

MOD - [2009/07/02 01:50:28 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll

MOD - [2009/07/02 01:50:28 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll

MOD - [2009/07/02 01:50:28 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll

MOD - [2009/07/02 01:50:27 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll

MOD - [2009/07/02 01:50:27 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll

MOD - [2009/07/02 01:50:27 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll

MOD - [2009/07/02 01:50:27 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll

MOD - [2009/07/02 01:50:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll

MOD - [2009/07/02 01:50:27 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll

MOD - [2009/07/02 01:50:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll

MOD - [2009/07/02 01:50:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll

MOD - [2009/07/02 01:50:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll

MOD - [2009/07/02 01:50:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll

MOD - [2009/07/02 01:50:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll

MOD - [2009/07/02 01:50:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll

MOD - [2009/07/02 01:50:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll

MOD - [2009/07/02 01:50:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll

MOD - [2009/07/02 01:50:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll

MOD - [2009/06/28 00:29:34 | 000,439,296 | ---- | M] () -- C:\Program Files\NetWorx\sqlite.dll

MOD - [2009/04/09 18:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

MOD - [2009/04/09 18:29:00 | 000,263,920 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll

MOD - [2009/04/09 18:29:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll

MOD - [2009/04/09 18:29:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll

MOD - [2009/04/09 18:29:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll

MOD - [2009/04/09 18:29:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll

MOD - [2009/01/19 19:41:52 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll

 

 

========== Services (SafeList) ==========

 

SRV - [2013/07/10 11:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2013/07/05 09:44:46 | 001,495,512 | ---- | M] (Echobit LLC) [On_Demand | Stopped] -- C:\Program Files\Echobit\Evolve\EvoSvc.exe -- (EvoSvc)

SRV - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/05/28 23:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)

SRV - [2012/11/24 11:18:02 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service)

SRV - [2012/11/17 06:44:46 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2012/08/01 09:29:15 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)

SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)

SRV - [2011/12/16 16:51:54 | 001,778,176 | ---- | M] () [Auto | Running] -- C:\Program Files\FreeWordHelper\FreeWordHelperUpdt.exe -- (FreeWordHelper)

SRV - [2010/09/03 16:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)

SRV - [2009/07/02 01:54:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2009/01/30 02:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)

SRV - [2009/01/13 20:32:52 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)

SRV - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2008/01/21 12:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Free Ride Games\X6XSEx_Pr143.Sys -- (X6XSEx_Pr143)

DRV - File not found [Kernel | Boot | Unknown] -- system32\drivers\Partizan.sys -- (Partizan)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\kkhlafex.sys -- (kkhlafex)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - [2013/06/29 15:27:11 | 000,099,400 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)

DRV - [2013/05/22 22:15:28 | 000,018,584 | ---- | M] (Echobit, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\evolve.sys -- (EvolveVirtualAdapter)

DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2012/11/17 07:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

DRV - [2012/11/17 07:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2012/11/17 07:07:06 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)

DRV - [2012/11/17 05:38:48 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)

DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2012/09/04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)

DRV - [2012/02/23 22:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)

DRV - [2011/08/02 16:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)

DRV - [2009/08/29 12:51:51 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)

DRV - [2009/03/18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2009/01/19 19:40:58 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)

DRV - [2009/01/13 22:39:40 | 000,138,240 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/11/05 09:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})

DRV - [2008/04/03 22:36:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)

DRV - [2008/01/21 12:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)

DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)

 

========== Standard Registry (SafeList) ==========

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope = 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{52AC9703-45DB-48CB-A233-DFB87D488AF3}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{54C213C6-A9BA-4FA8-8613-A96262987179}: "URL" = http://delicious.com/search?p={searchTerms}

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{65478155-B43B-4152-9DB2-D9029124ED8C}: "URL" = http://www.flickr.com/search/?q={searchTerms}

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{A085142A-1794-4EBD-991E-894EEC4E13B8}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\SearchScopes\{EED74EFB-6793-4D8C-867D-875B47980146}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9

IE - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: 

FF - prefs.js..browser.search.defaultenginename: "Google" 

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll File not found

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Users\josh\Desktop\Picasa3\npPicasa3.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files\Free Ride Games\NPGameTreatPlugin.dll File not found

FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\josh\AppData\Local\Roblox\Versions\version-bac2ef28b67142d0\\NPRobloxProxy.dll ()

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\josh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/01 19:23:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/07 09:22:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/07 09:22:58 | 000,000,000 | ---D | M]

 

[2013/07/02 19:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\josh\AppData\Roaming\mozilla\Extensions

[2013/07/12 08:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\josh\AppData\Roaming\mozilla\firefox\Profiles\lxx114p3.default\Extensions

[2013/07/03 16:51:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/06/15 11:33:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/09/18 19:38:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2013/05/17 18:16:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

[2013/06/15 11:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013/06/15 11:33:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/08/01 09:29:16 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/12/07 23:57:20 | 000,075,776 | ---- | M] (Free Word Help) -- C:\Program Files\mozilla firefox\plugins\npFreeWordHelper.dll

[2012/04/24 17:20:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/04/24 17:20:42 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

[2009/04/07 12:59:38 | 000,000,872 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober703666315.gif

[2009/12/18 05:46:46 | 000,000,202 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Yahooober703666315.src

 

========== Chrome  ==========

 

CHR - default_search_provider: Mixi.DJ Search (Enabled)

CHR - default_search_provider: search_url = http://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=669D0000A1F8C1A8&affID=121136&tsp=4931

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: 

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll

CHR - plugin: Norton Confidential (Enabled) = C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\npcoplgn.dll

CHR - plugin: widdit (Enabled) = C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdabpabkmacjiiooccecnpakonoibah\1.4_0\npwiddit.dll

CHR - plugin: Free Word Help (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\npFreeWordHelper.dll

CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\josh\AppData\Local\Roblox\Versions\version-470c28140c5148c2\\NPRobloxProxy.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 

O1 HOSTS File: ([2013/07/10 17:07:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)

O3 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002..\Run: [Desura] C:\Program Files\Desura\desura.exe (Desura Pty Ltd)

O4 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002..\Run: [Dxtory Update Checker 2.0] C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)

O4 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002..\Run: [EvolveClient] C:\Program Files\Echobit\Evolve\EvolveClient.exe (Echobit LLC)

O4 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002..\Run: [steam] C:\Program Files\Steam\steam2\steam.exe (Valve Corporation)

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O4 - Startup: C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O4 - Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O4 - Startup: C:\Users\Williams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3287801049-2637330249-1735968051-1002\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.25.2)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.25.2)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{478B4304-BA1B-4DBB-BEC8-D3389FCF3CB6}: DhcpNameServer = 10.143.147.147 10.143.147.148

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB062B98-9986-4F2B-9B17-5EC7862F454C}: DhcpNameServer = 10.0.0.138

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)

O24 - Desktop WallPaper: C:\Users\josh\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\josh\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (MACHINE BootExecut)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013/07/14 22:10:25 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\minecraft server 1.6.2 origanal

[2013/07/14 17:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Skype

[2013/07/14 10:17:11 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\minecraft bukkit server 1.6.2

[2013/07/13 14:35:17 | 000,000,000 | -HSD | C] -- C:\found.003

[2013/07/12 08:04:46 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/07/11 19:43:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\josh\Desktop\OTL.exe

[2013/07/10 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\key changer

[2013/07/10 20:39:19 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\AVG2013

[2013/07/10 20:37:16 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\TuneUp Software

[2013/07/10 20:37:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2013/07/10 20:33:46 | 000,000,000 | -H-D | C] -- C:\$AVG

[2013/07/10 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013

[2013/07/10 20:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVG

[2013/07/10 20:21:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2013/07/10 20:21:02 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\MFAData

[2013/07/10 20:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2013/07/10 20:21:02 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\Avg2013

[2013/07/10 20:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2013/07/10 20:11:18 | 002,347,384 | ---- | C] (ESET) -- C:\Users\josh\Desktop\esetsmartinstaller_enu.exe

[2013/07/10 19:25:55 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\New Folder (5)

[2013/07/10 17:24:24 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013/07/10 17:24:23 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\temp

[2013/07/10 16:39:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013/07/09 16:58:16 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\Quest3D

[2013/07/09 16:58:15 | 000,000,000 | ---D | C] -- C:\Users\josh\Documents\ShipSimExtremesDemo Userdata

[2013/07/09 16:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2013/07/08 18:41:56 | 000,643,592 | ---- | C] (Unity Technologies ApS) -- C:\Users\josh\Desktop\UnityWebPlayer.exe

[2013/07/08 18:41:34 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\Unity

[2013/07/07 11:35:07 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\josh\Desktop\tdsskiller (1).exe

[2013/07/07 11:12:06 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/07/07 11:11:19 | 000,000,000 | ---D | C] -- C:\JRT

[2013/07/07 11:11:10 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\josh\Desktop\JRT.exe

[2013/07/07 09:28:50 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\Uniblue

[2013/07/05 09:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

[2013/07/05 09:43:51 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\josh\Desktop\dds.com

[2013/07/04 15:21:58 | 001,492,584 | ---- | C] (Skype Technologies S.A.) -- C:\Users\josh\Desktop\SkypeSetup (1).exe

[2013/07/04 09:34:38 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\malwerebytes logs

[2013/07/04 07:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan

[2013/07/04 07:47:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2013/07/04 07:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi

[2013/07/03 17:44:05 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\HPAppData

[2013/07/03 17:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP

[2013/07/03 17:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center

[2013/07/03 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI

[2013/07/03 17:35:08 | 000,000,000 | ---D | C] -- C:\AMD

[2013/07/03 17:23:29 | 000,792,704 | ---- | C] (AMD) -- C:\Users\josh\Desktop\amddriverdownloader.exe

[2013/07/03 16:50:44 | 000,000,000 | ---D | C] -- C:\@RestoreQuarantine

[2013/07/03 13:20:14 | 000,000,000 | ---D | C] -- C:\BackSys

[2013/07/03 08:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun

[2013/07/03 08:24:37 | 000,000,000 | ---D | C] -- C:\Users\josh\Documents\RegRun2

[2013/07/03 08:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe

[2013/07/02 07:59:58 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\new minecraft

[2013/07/01 22:12:03 | 000,000,000 | ---D | C] -- C:\9a65bd9af90ba97ce36c19

[2013/07/01 22:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2013/07/01 22:03:49 | 011,091,432 | ---- | C] (Microsoft Corporation) -- C:\Users\josh\Desktop\mseinstall.exe

[2013/07/01 21:25:32 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\Malwarebytes

[2013/07/01 16:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/07/01 16:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2013/07/01 16:43:47 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2013/07/01 16:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/07/01 16:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\1E1A5

[2013/07/01 10:49:30 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\Macromedia

[2013/07/01 10:48:36 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\Mozilla

[2013/06/29 15:26:06 | 000,255,496 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\MijFrc.dll

[2013/06/29 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\MotioninJoy

[2013/06/29 15:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy

[2013/06/29 15:26:05 | 000,099,400 | ---- | C] (MotioninJoy) -- C:\Windows\System32\drivers\MijXfilt.sys

[2013/06/29 09:40:12 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\Windows\System32\drivers\AmdLLD.sys

[2013/06/29 09:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\AMD

[2013/06/29 09:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2013/06/26 15:47:06 | 000,000,000 | ---D | C] -- C:\Users\josh\Documents\Euro Truck Simulator 2

[2013/06/25 16:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan

[2013/06/25 16:29:38 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013/06/25 16:28:30 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013/06/25 16:28:30 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013/06/25 16:28:30 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013/06/25 07:51:17 | 000,000,000 | ---D | C] -- C:\Users\josh\Documents\DeadIsland

[2013/06/23 10:31:31 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\New Folder (4)

[2013/06/21 16:48:31 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\StarMade

[2013/06/21 16:48:21 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\Slendytubbies V2 Beta

[2013/06/21 16:39:14 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\.StarMade

[2013/06/18 21:43:54 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\3909 LLC

[2013/06/18 21:38:50 | 000,000,000 | ---D | C] -- C:\Users\josh\Desktop\papers please

[2013/06/17 22:00:11 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\IsolatedStorage

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013/07/16 16:05:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/07/16 16:04:28 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/07/16 15:59:59 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3287801049-2637330249-1735968051-1000UA.job

[2013/07/16 15:52:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/07/16 15:52:37 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/07/16 15:52:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/07/16 15:52:00 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys

[2013/07/15 22:21:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/07/15 17:23:44 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Williams.job

[2013/07/15 15:20:04 | 000,000,680 | ---- | M] () -- C:\Users\josh\AppData\Local\d3d9caps.dat

[2013/07/15 15:19:17 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3287801049-2637330249-1735968051-1000Core.job

[2013/07/11 19:44:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\josh\Desktop\OTL.exe

[2013/07/10 20:37:16 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013/07/10 20:11:39 | 002,347,384 | ---- | M] (ESET) -- C:\Users\josh\Desktop\esetsmartinstaller_enu.exe

[2013/07/10 17:07:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/07/09 16:09:16 | 000,000,222 | ---- | M] () -- C:\Users\josh\Desktop\Ship Simulator Extremes Demo.url

[2013/07/08 18:36:42 | 000,643,592 | ---- | M] (Unity Technologies ApS) -- C:\Users\josh\Desktop\UnityWebPlayer.exe

[2013/07/07 11:31:02 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\josh\Desktop\tdsskiller (1).exe

[2013/07/07 11:23:13 | 000,000,193 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat

[2013/07/07 11:14:04 | 000,650,027 | ---- | M] () -- C:\Users\josh\Desktop\AdwCleaner.exe

[2013/07/07 09:38:16 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\josh\Desktop\JRT.exe

[2013/07/06 15:17:02 | 000,000,221 | ---- | M] () -- C:\Users\josh\Desktop\Killing Floor.url

[2013/07/05 09:58:27 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2013/07/05 09:41:26 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\josh\Desktop\dds.com

[2013/07/04 15:20:44 | 001,492,584 | ---- | M] (Skype Technologies S.A.) -- C:\Users\josh\Desktop\SkypeSetup (1).exe

[2013/07/04 07:47:43 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

[2013/07/03 17:21:18 | 000,792,704 | ---- | M] (AMD) -- C:\Users\josh\Desktop\amddriverdownloader.exe

[2013/07/03 13:28:41 | 000,632,170 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/07/03 13:28:41 | 000,118,796 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/07/03 08:24:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2013/07/03 08:24:42 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt

[2013/07/03 08:24:42 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat

[2013/07/01 22:08:45 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2013/07/01 22:00:54 | 011,091,432 | ---- | M] (Microsoft Corporation) -- C:\Users\josh\Desktop\mseinstall.exe

[2013/07/01 16:43:58 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/07/01 16:25:38 | 000,000,557 | ---- | M] () -- C:\Windows\System32\MyDefrag.debuglog

[2013/06/29 21:01:28 | 011,181,219 | ---- | M] () -- C:\Users\josh\Desktop\ARMA2_OA_Build_105785.zip

[2013/06/29 15:38:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013/06/29 15:38:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_MijXfilt_01009.Wdf

[2013/06/29 15:27:11 | 000,099,400 | ---- | M] (MotioninJoy) -- C:\Windows\System32\drivers\MijXfilt.sys

[2013/06/29 15:26:10 | 000,000,937 | ---- | M] () -- C:\Users\josh\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk

[2013/06/29 15:16:24 | 001,964,304 | ---- | M] () -- C:\Users\josh\Desktop\MotioninJoy_050002_x86.zip

[2013/06/29 14:59:33 | 000,000,223 | ---- | M] () -- C:\Users\josh\Desktop\Cry of Fear.url

[2013/06/29 08:44:44 | 000,000,222 | ---- | M] () -- C:\Users\josh\Desktop\Moonbase Alpha.url

[2013/06/25 22:35:17 | 000,000,223 | ---- | M] () -- C:\Users\josh\Desktop\Euro Truck Simulator 2 Demo.url

[2013/06/25 16:24:52 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013/06/25 16:24:52 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013/06/25 16:24:52 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013/06/25 16:24:51 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll

[2013/06/25 16:24:51 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2013/06/25 16:24:51 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013/06/25 09:04:43 | 003,020,770 | ---- | M] () -- C:\Users\josh\Desktop\TechnicLauncher.exe

[2013/06/24 21:09:25 | 000,000,222 | ---- | M] () -- C:\Users\josh\Desktop\Dead Island.url

[2013/06/23 21:08:39 | 000,000,196 | ---- | M] () -- C:\Users\josh\Desktop\Gunpoint Demo.url

[2013/06/21 16:37:04 | 001,142,586 | ---- | M] () -- C:\Users\josh\Desktop\StarMade-starter.exe

[2013/06/18 17:07:05 | 000,007,380 | ---- | M] () -- C:\Users\josh\Desktop\minecraft- worst server ever.xej

[2013/06/18 17:00:02 | 000,001,284 | ---- | M] () -- C:\Users\josh\Desktop\minecraft-worst server ever.lnk

[2013/06/18 16:54:21 | 005,928,662 | ---- | M] () -- C:\Users\josh\Desktop\iDayzkilla intro.wmv

[2013/06/18 16:54:04 | 000,012,288 | ---- | M] () -- C:\Users\josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/06/17 22:26:31 | 146,144,976 | ---- | M] () -- C:\Users\josh\Desktop\ScreenCapture_17-06-2013 10.25.00 PM.xesc

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013/07/10 20:37:16 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013/07/09 16:09:16 | 000,000,222 | ---- | C] () -- C:\Users\josh\Desktop\Ship Simulator Extremes Demo.url

[2013/07/07 11:18:14 | 000,000,193 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat

[2013/07/07 11:16:52 | 000,650,027 | ---- | C] () -- C:\Users\josh\Desktop\AdwCleaner.exe

[2013/07/06 15:17:02 | 000,000,221 | ---- | C] () -- C:\Users\josh\Desktop\Killing Floor.url

[2013/07/03 08:24:42 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat

[2013/07/01 22:07:50 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2013/07/01 16:43:58 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/06/29 21:03:10 | 011,181,219 | ---- | C] () -- C:\Users\josh\Desktop\ARMA2_OA_Build_105785.zip

[2013/06/29 15:38:45 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013/06/29 15:38:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_MijXfilt_01009.Wdf

[2013/06/29 15:26:10 | 000,000,937 | ---- | C] () -- C:\Users\josh\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk

[2013/06/29 15:19:11 | 001,964,304 | ---- | C] () -- C:\Users\josh\Desktop\MotioninJoy_050002_x86.zip

[2013/06/29 14:59:33 | 000,000,223 | ---- | C] () -- C:\Users\josh\Desktop\Cry of Fear.url

[2013/06/29 08:44:43 | 000,000,222 | ---- | C] () -- C:\Users\josh\Desktop\Moonbase Alpha.url

[2013/06/25 22:35:16 | 000,000,223 | ---- | C] () -- C:\Users\josh\Desktop\Euro Truck Simulator 2 Demo.url

[2013/06/25 16:31:33 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2013/06/24 21:09:25 | 000,000,222 | ---- | C] () -- C:\Users\josh\Desktop\Dead Island.url

[2013/06/23 21:08:38 | 000,000,196 | ---- | C] () -- C:\Users\josh\Desktop\Gunpoint Demo.url

[2013/06/21 16:39:07 | 001,142,586 | ---- | C] () -- C:\Users\josh\Desktop\StarMade-starter.exe

[2013/06/18 17:07:04 | 000,007,380 | ---- | C] () -- C:\Users\josh\Desktop\minecraft- worst server ever.xej

[2013/06/18 17:00:02 | 000,001,284 | ---- | C] () -- C:\Users\josh\Desktop\minecraft-worst server ever.lnk

[2013/06/18 16:54:08 | 005,928,662 | ---- | C] () -- C:\Users\josh\Desktop\iDayzkilla intro.wmv

[2013/06/17 22:25:01 | 146,144,976 | ---- | C] () -- C:\Users\josh\Desktop\ScreenCapture_17-06-2013 10.25.00 PM.xesc

[2013/06/13 16:08:03 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI

[2013/04/11 11:15:58 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2013/04/11 11:15:57 | 000,138,056 | ---- | C] () -- C:\Users\josh\AppData\Roaming\PnkBstrK.sys

[2013/04/11 11:15:46 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe

[2013/04/11 11:15:42 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2013/04/11 11:15:40 | 002,793,768 | ---- | C] () -- C:\Windows\System32\pbsvc.exe

[2013/01/25 15:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\System32\xfcodec.dll

[2013/01/07 10:31:38 | 000,000,552 | ---- | C] () -- C:\Users\josh\AppData\Local\d3d8caps.dat

[2012/11/17 05:37:32 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll

[2012/11/16 16:01:04 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe

[2012/11/13 16:25:00 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat

[2012/09/30 12:32:53 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe

[2012/09/08 18:48:16 | 000,000,680 | ---- | C] () -- C:\Users\josh\AppData\Local\d3d9caps.dat

[2012/09/08 09:09:52 | 001,145,382 | ---- | C] () -- C:\Users\josh\AppData\Local\Tempmusic.ogg

[2012/09/03 16:43:51 | 000,012,288 | ---- | C] () -- C:\Users\josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/04/20 08:14:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2012/03/07 03:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/09/13 08:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

[2010/05/30 15:01:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

 

========== ZeroAccess Check ==========

 

[2006/11/02 22:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 03:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 16:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 16:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:6D4F7F2B

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1

 

< End of report >

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :files

    ipconfig /flushdns /c

    ipconfig /release /c

    ipconfig /renew /c

    :Commands

    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.
Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : 

C:\Users\josh\Desktop\cmd.bat deleted successfully.

C:\Users\josh\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: josh

->Temp folder emptied: 168071732 bytes

->Temporary Internet Files folder emptied: 27036819 bytes

->Java cache emptied: 1876 bytes

->FireFox cache emptied: 5865335 bytes

->Google Chrome cache emptied: 14103959 bytes

->Flash cache emptied: 58824 bytes

 

User: Ken

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 16093057 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 21298145 bytes

->Google Chrome cache emptied: 47662572 bytes

->Flash cache emptied: 1666 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

User: Williams

->Temp folder emptied: 866279 bytes

->Temporary Internet Files folder emptied: 1973204 bytes

->Java cache emptied: 5652055 bytes

->FireFox cache emptied: 81596909 bytes

->Google Chrome cache emptied: 16999537 bytes

->Flash cache emptied: 1008 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 104930405 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 488.00 mb

 

 

OTL by OldTimer - Version 3.2.69.0 log created on 07162013_193439

 

Files\Folders moved on Reboot...

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...


The message "The directory is not empty" may display in the command window. Ignore this message as it is related to the creation of a new directory. The files are removed.

e. Close the command prompt window and restart the computer.

Do you still have a problem with the corrupted message?


This topic is now closed to further replies.