Jump to content

Unable to run windows update and access certain sites


Max124

Recommended Posts

  • Staff

Hello

Lets see if this will fix what is wrong with the internet

Complete Internet Repair

  • Please download http://www.petrichorpost.com/?ddownload=524 Complete Internet Repair and save it to your desktop

    and save it to your desktop

  • Double click the icon and select Run
  • Click Extract
  • Double click the Complete Internet Repair folder on your desktop
  • Double click the CIntRep.exe icon
  • Place a checkmark next to the following entries:
    • Reset Internet Protocol (TCP/IP)
    • Repair Winsock (Reset Catalog)
    • Renew Internet Connections
    • Flush DNS Resolver Cache
    • Repair Internet Explorer 6.0.2900
    • Clear Windows Update History
    • Repair Windows / Automatic Updates
    • Repair SSL / HTTPS / Cryptography
    • Reset Windows Firewall Configuration
    • Restore the default hosts file
    • Repair Workgroup Computers view
  • Click Go!
  • Ignore any error messages for now
  • Click OK to reboot your computer
  • Check your internet access
Please let me know if this worked

Gringo

Link to post
Share on other sites

  • Replies 62
  • Created
  • Last Reply

Top Posters In This Topic

  • Staff

Hello Max124

Lets get a deeper look into the system and lets see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.
Gringo
Link to post
Share on other sites

OTL logfile created on: 12/2/2013 9:59:11 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.97 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 22.13% Memory free
12.07 Gb Paging File | 7.11 Gb Available in Paging File | 58.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 208.51 Gb Total Space | 99.66 Gb Free Space | 47.80% Space Free | Partition Type: NTFS
Drive D: | 15.01 Gb Total Space | 7.51 Gb Free Space | 50.05% Space Free | Partition Type: NTFS
Drive E: | 193.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 14.83 Gb Total Space | 9.87 Gb Free Space | 66.54% Space Free | Partition Type: FAT32
Drive J: | 1863.01 Gb Total Space | 1270.07 Gb Free Space | 68.17% Space Free | Partition Type: NTFS
Drive K: | 581.12 Gb Total Space | 505.05 Gb Free Space | 86.91% Space Free | Partition Type: NTFS
Drive M: | 15.00 Gb Total Space | 7.50 Gb Free Space | 49.99% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\otl\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Miranda IM\miranda32.exe ( )
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\XnView\xnview.exe (XnView, http://www.xnview.com)
PRC - C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Windows\SysWOW64\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ce9a2e0e508484f2ccc43194945cfae4\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Miranda IM\zlib.dll ()
MOD - C:\Program Files (x86)\Miranda IM\Plugins\ICQ.dll ()
MOD - C:\Program Files (x86)\Miranda IM\Plugins\dbx_mmap.dll ()
MOD - C:\Program Files (x86)\Miranda IM\Plugins\Aim.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\RBScript.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\XML.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\CGamma.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\RegEx.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\Appearance Pak.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\Shell.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\CSensor.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll ()
MOD - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (AERTFilters) -- C:\Windows\SysNative\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Seagate Dashboard Services) -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (Seagate Technology LLC)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ccSetMgr) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (WinVNC4) -- C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
SRV - (WebUpdate4) -- C:\Windows\SysWOW64\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\DRIVERS\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (SRTSPL) -- C:\Windows\SysNative\Drivers\SRTSPL64.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\Drivers\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys (Microsoft Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation                                            )
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (Spyder3) -- C:\Windows\SysNative\DRIVERS\Spyder3.sys ()
DRV:64bit: - (OA002Vid) -- C:\Windows\SysNative\DRIVERS\OA002Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (OA002Ufd) -- C:\Windows\SysNative\DRIVERS\OA002Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys (Microsoft Corporation)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (OA002Afx) -- C:\Windows\SysNative\Drivers\OA002Afx.sys (Creative Technology Ltd.)
DRV:64bit: - (RLDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\DRIVERS\livecamv.sys ()
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20131202.016\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20131202.016\eng64.sys (Symantec Corporation)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (SRTSPL) -- C:\Windows\SysWOW64\drivers\srtspl64.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\SysWOW64\drivers\srtsp64.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\SysWOW64\drivers\srtspx64.sys (Symantec Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Eudora OSE 1.0\extensions\\Components: C:\Program Files (x86)\Eudora OSE\components [2011/02/15 10:05:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Eudora OSE 1.0\extensions\\Plugins: C:\Program Files (x86)\Eudora OSE\plugins
 
[2011/02/15 10:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions
[2011/02/15 10:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/11/14 10:47:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\extensions
 
O1 HOSTS File: ([2013/12/02 16:01:56 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O3 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2184758152-4010477325-542078138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7269A6D6-C07D-4C51-A049-8897A2739644}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/02 21:57:39 | 000,000,000 | ---D | C] -- C:\otl
[2013/11/27 17:10:49 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/25 22:30:46 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/11/23 16:03:57 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/20 21:17:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/11/20 20:08:31 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Google
[2013/11/20 20:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/11/18 12:53:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/11/18 12:51:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/11/18 09:52:06 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/18 09:43:58 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/11/17 23:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/11/17 23:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/11/17 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\Max\Doctor Web
[2013/11/15 23:02:16 | 004,121,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Max\Desktop\tdsskiller.exe
[2013/11/14 10:42:05 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/14 10:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/11/14 10:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/11/14 02:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/14 01:55:15 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/14 01:55:02 | 000,000,000 | ---D | C] -- C:\mbar
[2013/11/13 23:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/13 23:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/11/13 17:09:56 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\GooredFix Backups
[2013/11/13 02:10:35 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\SUPERAntiSpyware.com
[2013/11/13 02:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/11/13 02:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/11/13 02:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/11/13 00:09:03 | 093,171,984 | ---- | C] (Microsoft Corporation) -- C:\Users\Max\Desktop\msert.exe
[2013/11/12 00:27:17 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\ProcAlyzer Dumps
[2013/11/11 21:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/11/06 21:47:15 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\CrashDumps
[2013/11/06 15:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/11/06 15:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/11/06 15:39:57 | 040,658,208 | ---- | C] (Safer-Networking Ltd.                                       ) -- C:\Users\Max\Desktop\spybot-2.2.exe
[2013/11/06 14:12:31 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/11/06 14:04:24 | 013,812,408 | ---- | C] (Microsoft Corporation) -- C:\Users\Max\Desktop\mseinstall.exe
[2013/11/05 16:54:31 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/05 16:38:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/11/05 16:38:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/11/05 16:38:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/11/05 16:38:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/05 16:37:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/11/05 16:36:22 | 005,146,522 | R--- | C] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2013/11/05 16:31:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/05 16:25:31 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\RK_Quarantine
 
========== Files - Modified Within 30 Days ==========
 
[2013/12/02 21:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/02 20:18:51 | 000,003,744 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 20:18:51 | 000,003,744 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 16:23:10 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/02 16:23:10 | 000,592,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/02 16:23:10 | 000,100,360 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/02 16:18:55 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013/12/02 16:18:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/02 16:18:42 | 2110,971,903 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/02 16:01:56 | 000,000,761 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/02 12:54:18 | 000,379,166 | ---- | M] () -- C:\Users\Max\Desktop\MIoffehh376763052statusmatch.jpg
[2013/11/27 17:10:49 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/27 17:10:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/25 22:33:30 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/20 21:05:12 | 005,146,522 | R--- | M] (Swearware) -- C:\Users\Max\Desktop\ComboFix.exe
[2013/11/20 20:14:32 | 004,161,024 | ---- | M] () -- C:\Users\Max\Desktop\RogueKillerX64.exe
[2013/11/20 20:02:21 | 748,439,513 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/18 12:51:12 | 002,990,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/18 12:49:21 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/18 12:42:16 | 000,703,516 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/18 10:23:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/11/18 09:59:33 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_900
[2013/11/18 09:44:24 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-DESKTOP-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2013/11/17 23:01:58 | 000,001,996 | ---- | M] () -- C:\Users\Max\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/17 22:23:54 | 000,000,680 | ---- | M] () -- C:\Users\Max\AppData\Local\d3d9caps.dat
[2013/11/16 10:21:16 | 004,121,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Max\Desktop\tdsskiller.exe
[2013/11/15 10:13:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_72
[2013/11/14 11:45:51 | 000,000,945 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/13 02:10:34 | 000,001,655 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/11/13 00:09:21 | 093,171,984 | ---- | M] (Microsoft Corporation) -- C:\Users\Max\Desktop\msert.exe
[2013/11/11 22:40:05 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/06 15:40:32 | 040,658,208 | ---- | M] (Safer-Networking Ltd.                                       ) -- C:\Users\Max\Desktop\spybot-2.2.exe
[2013/11/06 14:04:24 | 013,812,408 | ---- | M] (Microsoft Corporation) -- C:\Users\Max\Desktop\mseinstall.exe
[2013/11/05 15:00:00 | 000,275,181 | ---- | M] () -- C:\Users\Max\Desktop\WindowsUpdateDiagnostic.diagcab
[2013/11/05 09:22:35 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
 
========== Files Created - No Company Name ==========
 
[2013/12/02 12:54:17 | 000,379,166 | ---- | C] () -- C:\Users\Max\Desktop\MIoffehh376763052statusmatch.jpg
[2013/11/27 16:56:49 | 2110,971,903 | -HS- | C] () -- C:\hiberfil.sys
[2013/11/18 09:56:19 | 000,703,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/18 09:44:24 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-DESKTOP-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2013/11/17 23:01:58 | 000,001,996 | ---- | C] () -- C:\Users\Max\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/13 23:14:58 | 000,000,945 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/13 02:10:34 | 000,001,655 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/11/06 14:13:01 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/11/05 16:38:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/11/05 16:38:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/11/05 16:38:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/11/05 16:38:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/11/05 16:38:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/11/05 16:25:15 | 004,161,024 | ---- | C] () -- C:\Users\Max\Desktop\RogueKillerX64.exe
[2013/11/05 14:59:59 | 000,275,181 | ---- | C] () -- C:\Users\Max\Desktop\WindowsUpdateDiagnostic.diagcab
[2013/07/30 11:56:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\Nalpeiron
[2012/11/26 12:10:24 | 000,001,460 | ---- | C] () -- C:\Users\Max\AppData\Local\d3d9caps64.dat
[2011/12/04 23:17:33 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/06/08 22:32:47 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/24 16:18:57 | 000,000,173 | ---- | C] () -- C:\Users\Max\AppData\Local\RAExpertHistory.xml
[2009/08/25 17:39:06 | 000,008,192 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/30 09:12:33 | 000,000,947 | ---- | C] () -- C:\Users\Max\AppData\Roaming\DataSafeDotNet.exe
[2009/04/08 11:43:30 | 000,024,226 | ---- | C] () -- C:\Users\Max\AppData\Roaming\UserTile.png
[2009/04/08 09:41:11 | 000,000,680 | ---- | C] () -- C:\Users\Max\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\desktop.in0
[2013/11/14 10:41:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
 
========== Files - Unicode (All) ==========
[2012/02/16 15:06:41 | 000,014,309 | ---- | M] ()(C:\Users\Max\Documents\????? ?? ????? ?? ????? ??? ????.docx) -- C:\Users\Max\Documents\Культ не культ но вождь всё знал.docx
[2012/02/16 15:06:38 | 000,014,309 | ---- | C] ()(C:\Users\Max\Documents\????? ?? ????? ?? ????? ??? ????.docx) -- C:\Users\Max\Documents\Культ не культ но вождь всё знал.docx
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.