Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I have a spam problem

Post by shakey1991 » November 3rd, 2011, 3:43 am

I have had a spam problem on my Hotmail account for a while. I believe I fixed this by removing all my contacts.

However, I think the same problem is happening with my Yahoo account, which I use to apply for jobs and for uni; apparently "I" sent one of my tutors an e-mail with a link to a porn site lol. I run Spybot weekly, as well as CCleaner, and AVG Free, although less frequently because it never finds anything. I have a ZoneAlarm free firewall. I have just run HijackThis and don't know which programs are the possible bad ones. I tried to download the DDS thing but it didn't work, sorry. Also, I am not the only person who uses this laptop, so it may be that others in my family are doing/installing programs I am unaware of, although I try to keep a fairly tight ship in regard to that.

Anything else that might be helpful just tell me, I am reasonably competent with computers, but this sort of thing is beyond my grasp.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:28:33 PM, on 3/11/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Conor\Desktop\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13414 bytes
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am

Re: I have a spam problem

Post by Gary R » November 4th, 2011, 2:13 am

Looking over your logs, back soon.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: I have a spam problem

Post by Gary R » November 4th, 2011, 2:23 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "malware removal" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi shakey1991

I'm Gary R, I'll be glad to help you with your computer problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

I'd also recommend that you create a System Restore Point that we can restore to if necessary.

  • Click Start, and type Create a restore point into the Search programs and files box.
  • Now click on the Create a restore point icon at the top of the find list.
  • This will open a System Properties box, with the System Protection tab open ...
    • Click on the Create button in the lower part of the window.
    • Type Pre Malware Cleanup into the description box, then click Create.
    • Windows will now create a Restore Point and notify you when finished.
    • Exit any open windows.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista or Windows7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Since both Hotmail and Yahoo are online accounts, it's quite possible that there is no active infection on your computer, and that it's Hotmail and Yahoo that have been hacked. This has happened in the past.

If that is the case, then changing your password at Hotmail and Yahoo should resolve the issue.

However, it's best we check your computer for infection before doing that, since if your problems are caused by an infection, you'll end up chasing your tail and getting nowhere.

Your HJT log shows you're using the 64 bit version of W7, and HJT was not designed to run on that OS, and therefore its results cannot be relied upon. I need you to run some other scans for me, so I can get an accurate idea of what is on your machine.

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • TDSSKiller log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
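
Added example, not part of Gary R's reply and not code from any tool used in this thread: a small Python triage of HijackThis lines that shows why the log above cannot be relied upon on 64-bit Windows 7. A 32-bit process that opens C:\Windows\System32 is redirected to SysWOW64, so native 64-bit files come back as "(file missing)"; the OTL log in this thread lists the same AFBAgent service as running from C:\Windows\SysNative\FBAgent.exe. The 64-bit heuristic, the verdict names and the ExampleSvc line are assumptions made for this example.

```python
import re

# Excerpt of the HijackThis 2.0.4 log posted in this thread, lines copied
# unchanged, plus one constructed line (ExampleSvc) to show a miss outside System32.
SAMPLE_LOG = r"""
Platform: Windows 7 SP1 (WinNT 6.00.3505)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: ExampleSvc - Unknown owner - C:\ExampleDir\example.exe (file missing)
"""

# "R1 - ...", "O4 - ...", "O23 - ...": section code, separator, entry body.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# The file path HijackThis could not open, taken from the end of the entry.
MISSING = re.compile(r"(?P<path>[A-Za-z]:\\.*?) \(file missing\)\s*$")
# Paths subject to WOW64 file system redirection when read by a 32-bit process.
# Assumption: Windows is installed in a directory named "Windows".
SYSTEM32 = re.compile(r"^[A-Za-z]:\\Windows\\system32\\", re.IGNORECASE)
# Assumption: these directories appear in the log only on 64-bit Windows.
HINTS_64BIT = ("\\program files (x86)\\", "\\syswow64\\")


def triage(log_text):
    """Return (code, verdict, path) for every HijackThis entry in log_text.

    Verdicts (names chosen for this example):
      listed        - entry present, nothing reported missing
      no-file       - registry entry with no file behind it, as reported
      missing       - file reported missing, path not subject to redirection
      recheck-64bit - file reported missing under System32 on a 64-bit host;
                      verify with a 64-bit-aware tool before treating as real
    """
    lowered = log_text.lower()
    host_is_64bit = any(hint in lowered for hint in HINTS_64BIT)
    results = []
    for line in log_text.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue  # header lines, running-process paths, blank lines
        body = entry.group("body")
        path = None
        missing = MISSING.search(body)
        if missing:
            path = missing.group("path")
            if host_is_64bit and SYSTEM32.match(path):
                verdict = "recheck-64bit"
            else:
                verdict = "missing"
        elif body.endswith("(no file)"):
            verdict = "no-file"
        else:
            verdict = "listed"
        results.append((entry.group("code"), verdict, path))
    return results


def count_verdicts(results):
    """Tally verdicts so a reviewer sees how much of the log is in doubt."""
    counts = {}
    for _code, verdict, _path in results:
        counts[verdict] = counts.get(verdict, 0) + 1
    return counts


if __name__ == "__main__":
    for code, verdict, path in triage(SAMPLE_LOG):
        print(f"{code:<4} {verdict:<14} {path or ''}")
    print(count_verdicts(triage(SAMPLE_LOG)))
```
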

Re: I have a spam problem

Post by shakey1991 » November 5th, 2011, 11:07 pm

Running the scans now Gary, thanks for the help. When we have finished this, would I be able to post my hijack scans for my desktop, as I access my e-mail from both this laptop and the desktop and it may be that the problem is on the desktop?
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am

OTL.txt

Post by shakey1991 » November 5th, 2011, 11:19 pm

OTL logfile created on: 11/6/2011 2:03:01 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Conor\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.86 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 28.82% Memory free
3.71 Gb Paging File | 1.45 Gb Available in Paging File | 39.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 30.49 Gb Free Space | 40.92% Space Free | Partition Type: NTFS
Drive D: | 206.97 Gb Total Space | 129.63 Gb Free Space | 62.64% Space Free | Partition Type: NTFS
Drive E: | 7.80 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CONORSLAPTOP | User Name: Conor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/06 14:00:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Conor\Desktop\OTL.exe
PRC - [2011/11/04 21:54:42 | 003,293,784 | ---- | M] () -- C:\Users\Conor\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/10/26 19:10:47 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/10/24 20:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 17:43:45 | 000,246,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/10/18 17:43:42 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/05 20:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/09/02 09:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2010/09/02 09:21:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/04/28 03:34:53 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/02/06 04:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/02/05 08:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/01/06 07:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/01/05 11:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/12/16 04:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/25 07:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/11/03 08:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/01 13:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 13:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/01 04:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/25 06:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/20 04:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/20 04:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 11:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/23 11:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007/12/01 05:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/04 21:54:42 | 003,293,784 | ---- | M] () -- C:\Users\Conor\AppData\Local\Akamai\netsession_win.exe
MOD - [2011/10/26 19:10:46 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\ppgooglenaclpluginchrome.dll
MOD - [2011/10/26 19:10:45 | 003,702,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\pdf.dll
MOD - [2011/10/26 19:09:09 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avutil-51.dll
MOD - [2011/10/26 19:09:07 | 000,222,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avformat-53.dll
MOD - [2011/10/26 19:09:06 | 001,745,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avcodec-53.dll
MOD - [2011/10/26 16:14:43 | 008,587,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\gcswf32.dll
MOD - [2011/10/18 17:43:42 | 000,218,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2010/01/05 11:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/11/25 07:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/11/03 08:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/03 08:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/09/24 05:07:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2007/12/01 05:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/16 04:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 11:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/12/08 10:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/08/07 08:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/05 15:19:48 | 003,298,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d71b4a3.dll -- (Akamai)
SRV - [2011/10/18 17:43:45 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/09/02 09:22:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/16 04:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/10/01 13:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/10/01 13:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/16 11:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/31 20:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/31 20:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 17:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/06 18:08:58 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/01/06 18:02:14 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/21 00:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 20:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010/04/28 03:34:49 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2010/04/12 19:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/01/18 23:37:57 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/01/08 06:51:37 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/01/07 00:33:13 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/04 13:17:37 | 000,107,120 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:64bit: - [2009/10/30 13:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/10/05 12:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/18 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/08/18 19:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/08/07 08:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/08/07 08:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 20:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 06:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/11 07:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 21:15:57 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/14 03:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/24 11:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 11:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B3a404cc4-1d31-4dea-bafd-d0ac0f251de3%7D&mid=211a45ba3f0447d6954999127f864505-b0705621741ebc4b4ee895202f118f23c81aa81a&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-10-18%2017%3A43%3A48&sap=ku&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_10_2_161.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/12/28 12:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/04 12:58:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2011/10/15 16:33:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2011/10/15 16:33:38 | 000,000,000 | ---D | M]

[2010/10/28 16:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conor\AppData\Roaming\Mozilla\Extensions
[2011/11/05 15:20:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions
[2011/09/27 22:45:00 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/10/01 00:51:16 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/10/18 17:44:01 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\avg@toolbar
[2011/04/02 02:03:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com
[2011/01/08 17:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\nostmp
[2011/01/29 22:47:04 | 000,002,067 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\absearch-search.xml
[2011/01/03 05:29:25 | 000,002,568 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\askcom.xml
[2010/08/19 23:08:14 | 000,000,939 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\conduit.xml
[2011/01/06 18:07:10 | 000,002,059 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\daemon-search.xml
[2011/01/03 05:11:28 | 000,001,583 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\web-search.xml
[2011/06/08 00:57:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/21 20:09:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/11/04 12:58:07 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\IDABARFF@WESTBYTE.COM.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\SEARCHY@SEARCHY.XPI
() (No name found) -- C:\USERS\CONOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\51QCQIMQ.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010/10/21 20:08:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Conor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins\nprjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files (x86)\NOS\bin\np_gp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Users\Conor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\

O1 HOSTS File: ([2011/11/03 18:22:57 | 000,438,200 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15069 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001..\Run: [Akamai NetSession Interface] C:\Users\Conor\AppData\Local\Akamai\netsession_win.exe ()
O4 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download ALL with IDA - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Download remotely with IDA - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Download with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download ALL with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download remotely with IDA - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with IDA - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{650D8299-F65D-4400-A75E-A6DD45FA3E64}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\Shell\AutoRun\command - "" = J:\silent.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\directx\command - "" = G:\DirectX9\dxsetup.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\setup\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (dfboottime \??\C:\Windows\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 14:00:32 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Conor\Desktop\OTL.exe
[2011/11/06 13:56:06 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{5E2C4EEB-7265-447C-AA79-21130061F118}
[2011/11/06 13:55:54 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{AF75A77A-1431-4E89-936D-F98090A5C83F}
[2011/11/05 01:04:27 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{745AC36C-4348-423D-B798-A1C52F2E58D3}
[2011/11/05 01:04:15 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{7F59D285-A34B-4B86-8BDA-B1D207FC3C8E}
[2011/11/04 12:50:21 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\Akamai
[2011/11/03 21:20:17 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{C27BF2BA-2E62-4C7A-A530-B51DF7BE9582}
[2011/11/03 21:20:04 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{0601C911-8C73-4A03-A093-010FE691219F}
[2011/11/03 18:15:48 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Conor\Desktop\HijackThis.exe
[2011/11/02 21:03:14 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{1295D578-1A73-46DC-A34E-A403D1AEF55D}
[2011/11/02 21:03:00 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{CC5DDE75-6D83-4519-8D32-6833B922D7D1}
[2011/11/01 15:34:18 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{18502E02-50C5-4480-9EAE-56097FD0D1EA}
[2011/11/01 15:34:07 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{E2A1DF50-852D-4973-9534-F012E9E5D329}
[2011/10/31 19:57:29 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{7FCCE177-A177-4BC5-B6AE-E31DD41CC684}
[2011/10/31 19:57:16 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{20A96406-ED3D-41B9-876B-4423481910F9}
[2011/10/30 20:20:32 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{310AFFF6-88AB-43F0-AD5F-74A7808DF696}
[2011/10/30 20:20:20 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{F66D0BE2-DC85-45BC-9CD2-A889CB28516A}
[2011/10/29 02:28:18 | 000,000,000 | R--D | C] -- C:\Users\Conor\Saved Games
[2011/10/28 16:01:25 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{0981CD43-B67D-4333-966A-1CFF60F32BF5}
[2011/10/28 16:01:13 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{2F8E36CA-2E86-4DA3-9737-487E629850B0}
[2011/10/27 20:36:06 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{C7E69DC6-DEE7-41B8-BAB9-784D0027DBAC}
[2011/10/27 20:35:54 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{0940309C-46FE-4BFB-A1C1-790B406E7D2F}
[2011/10/26 21:44:42 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{3E80561F-3E01-4864-A829-79D9FDACD0CC}
[2011/10/26 21:44:30 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{A6848F3F-EE0E-4835-93FB-CB14D08D108C}
[2011/10/24 10:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/24 10:45:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/24 10:45:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/24 10:45:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/23 20:49:23 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{1A5AE91E-80D7-4B84-91A2-EB30A643659D}
[2011/10/23 20:49:11 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{4D6A326F-B1B1-45C8-A3CD-451E2AD2261A}
[2011/10/22 21:44:42 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{FA6313E4-5A55-4727-8026-6ECAA41E172E}
[2011/10/22 21:44:30 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{B9D7B339-8C6C-455F-8AC2-EE2994755175}
[2011/10/20 21:33:48 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{7B816A7A-44C2-42F6-A7A3-402F3F8DE8BC}
[2011/10/20 21:33:33 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{E7099B0C-59E6-4DD2-B627-ED45E31279C3}
[2011/10/19 21:00:30 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{02708CDD-B6DC-421E-B52B-345CD66A8ED8}
[2011/10/19 21:00:17 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{D273313B-0A21-4B08-A57E-CA50E08B9FAF}
[2011/10/18 18:47:25 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{FCFB4D9F-469F-4525-AB11-3CC0E57491B4}
[2011/10/18 18:47:14 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{B234E758-FCC8-4BC2-97A2-0A15294C5155}
[2011/10/18 17:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/18 17:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2011/10/18 17:43:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2011/10/18 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Roaming\AVG2012
[2011/10/18 17:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/17 19:31:44 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{CA0FDEE7-BED7-4149-BD46-5D61B08D9E91}
[2011/10/17 19:31:32 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{DD444E36-EA99-467B-9C50-D14426575D15}
[2011/10/16 14:39:53 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{FF62F229-D9CA-4070-9580-A226BB4536A7}
[2011/10/16 14:39:29 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{25E3D1FE-7A20-4E8F-AEC8-FA1484E86DB3}
[2011/10/16 13:05:41 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/10/15 21:27:14 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{14A3BD69-865D-48A5-853A-AFF7F8EE3CFB}
[2011/10/15 21:27:00 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{5B7BDF38-120F-451C-BA78-9756CD1538A3}
[2011/10/15 16:28:56 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\Seven Zip
[2011/10/14 20:14:32 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{A90E646E-1093-4D07-A6F3-7A5E09D962E4}
[2011/10/14 20:14:19 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{12BF2572-F1F2-46CE-B289-214082698088}
[2011/10/13 07:37:41 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/10/13 07:37:40 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/13 07:37:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 07:37:39 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 07:37:39 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 07:37:39 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 07:37:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 07:37:11 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/13 07:37:11 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/13 07:37:11 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/13 07:37:11 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/13 07:37:09 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/13 07:37:08 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/13 07:30:15 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{059077C1-B18A-46BA-A28D-DF771C5ECAE2}
[2011/10/13 07:30:00 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{7C3CC3A0-52CA-4627-9EA3-5D3BC7690F4C}
[2011/10/12 18:29:38 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{66783162-B2DD-4D40-8F02-EBC8B35DB1CF}
[2011/10/12 18:29:18 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{3E03B0A2-8613-4E9A-BCF9-D26F87EDEBD8}
[2011/10/11 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{9C59225F-6EA2-4962-BE82-646AF0B3157C}
[2011/10/11 19:06:31 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{8D0EB217-E5AD-48FA-A02E-B033ED54DBE2}
[2011/10/10 11:52:19 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{5329DC93-4BA5-4B1E-81C7-7DAD662BCA1D}
[2011/10/10 11:52:07 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{F1FF5A71-7BEF-4787-A27D-68C8F2968595}
[2011/10/10 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{2F36AE1C-F6A7-45C0-B103-6964D7BBC263}
[2011/10/09 23:15:16 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{5CE8D47A-7E64-412D-929A-B136FF6514C6}
[2011/10/09 23:15:04 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{B859953E-CB00-46F1-886F-DB41E6246C5D}
[2011/10/09 11:14:11 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{33D215C4-C30F-49E9-978D-83E02C9BC2AC}
[2011/10/09 11:13:38 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{C96838A3-BBDE-47E2-8831-F181F615F408}
[2011/10/08 15:20:34 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{F401CA01-79EA-4A2B-B94B-647BFC48F5EE}
[2011/10/08 15:20:22 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{9E2F6361-B501-4E32-9E7F-0B6834AE33E6}
[2011/10/07 23:10:59 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{D5E4FEBE-ECAF-4298-8903-6BC724187794}
[2011/10/07 23:10:46 | 000,000,000 | ---D | C] -- C:\Users\Conor\AppData\Local\{36A533DA-DAC6-49F4-A4AF-505A001A118F}
[2008/08/12 15:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/06 14:00:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Conor\Desktop\OTL.exe
[2011/11/06 13:59:08 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/06 13:58:59 | 108,876,448 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/11/06 13:53:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/05 22:59:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/05 17:40:26 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/11/04 17:04:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/04 17:04:56 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/04 12:58:11 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/03 18:24:13 | 000,001,290 | ---- | M] () -- C:\Users\Conor\Desktop\Spybot - Search & Destroy.lnk
[2011/11/03 18:22:57 | 000,438,200 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/03 18:15:50 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Conor\Desktop\HijackThis.exe
[2011/11/02 20:13:18 | 000,316,319 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/11/02 11:58:06 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/01 20:41:47 | 048,213,485 | ---- | M] () -- C:\Users\Conor\Desktop\mediawatch_2011_ep38.mp4
[2011/10/30 16:06:48 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/25 21:04:46 | 000,438,080 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111103-182257.backup
[2011/10/18 18:06:25 | 000,002,114 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/10/18 18:06:19 | 000,001,321 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/10/16 04:20:23 | 000,001,085 | ---- | M] () -- C:\Users\Conor\Documents - Shortcut.lnk
[2011/10/15 16:42:09 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/10/14 12:15:01 | 000,783,270 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/14 12:15:01 | 000,667,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/14 12:15:01 | 000,126,540 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/13 11:19:48 | 000,482,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/10 23:44:33 | 000,437,925 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111025-210446.backup
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/01 20:27:25 | 048,213,485 | ---- | C] () -- C:\Users\Conor\Desktop\mediawatch_2011_ep38.mp4
[2011/10/18 17:44:12 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/16 04:20:23 | 000,001,085 | ---- | C] () -- C:\Users\Conor\Documents - Shortcut.lnk
[2011/09/29 19:59:58 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/09/29 19:59:57 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/08/31 20:51:16 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/08/31 20:51:16 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/08/31 20:51:16 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/08/31 20:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/04/23 17:03:05 | 000,000,255 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/04/06 00:55:36 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/19 18:46:56 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011/02/19 18:46:56 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011/02/19 18:46:56 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011/02/19 18:41:15 | 000,036,551 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010/11/11 00:19:56 | 000,005,632 | ---- | C] () -- C:\Users\Conor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/24 20:54:59 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010/10/21 00:38:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/19 10:46:09 | 000,769,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/19 00:30:35 | 000,692,224 | ---- | C] () -- C:\Windows\SysWow64\bsrmgcv.dll
[2010/10/19 00:30:35 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\bsrmgps.dll
[2010/10/19 00:30:35 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\bsrgvas.dll
[2010/10/19 00:29:21 | 000,585,728 | ---- | C] () -- C:\Windows\SysWow64\bsratswf.dll
[2010/10/19 00:29:21 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\bsratwmv.dll
[2010/04/28 03:34:36 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/04/28 03:12:10 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/10/26 14:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/08/19 19:33:09 | 000,000,232 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 16:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 16:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 13:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 13:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 11:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/09 04:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/23 02:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== LOP Check ==========

[2010/10/28 16:52:30 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Asus WebStorage
[2011/04/27 00:26:42 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Audacity
[2011/10/18 17:42:03 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\AVG2012
[2011/10/03 18:32:21 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Azureus
[2010/10/28 17:30:27 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\CheckPoint
[2010/12/13 14:12:30 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/30 19:40:32 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/12/04 00:11:01 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\DAEMON Tools
[2011/08/01 01:26:45 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\DAEMON Tools Lite
[2011/07/20 21:07:23 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\DAEMON Tools Pro
[2011/10/15 16:35:32 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\DVDVideoSoft
[2011/03/16 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/03/14 22:52:15 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Easeware
[2011/04/17 23:01:53 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\GetRightToGo
[2011/05/18 19:46:55 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\GHISLER
[2011/07/01 15:11:36 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\go
[2011/04/02 02:06:11 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\GrabPro
[2011/06/19 05:38:38 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\gtk-2.0
[2010/10/24 22:25:45 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Guitar Pro 6
[2011/03/14 00:17:20 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Internet Download Accelerator
[2010/10/18 16:55:01 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Luxand
[2011/04/05 00:18:25 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Orbit
[2011/07/16 23:23:36 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\PC Suite
[2011/04/01 15:25:19 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\ProgSense
[2010/12/01 14:37:19 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Raptr
[2011/01/03 05:36:12 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\StreamTorrent
[2011/04/27 00:38:20 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\Trillian
[2011/10/25 21:01:32 | 000,000,000 | ---D | M] -- C:\Users\Conor\AppData\Roaming\uTorrent
[2011/11/05 17:40:26 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/09/05 18:29:30 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2011/09/05 18:29:30 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume D Task.job
[2011/10/10 00:26:19 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
shakey1991

Extras.txt

Post by shakey1991 » November 5th, 2011, 11:21 pm

OTL Extras logfile created on: 11/6/2011 2:03:01 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Conor\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.86 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 28.82% Memory free
3.71 Gb Paging File | 1.45 Gb Available in Paging File | 39.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 30.49 Gb Free Space | 40.92% Space Free | Partition Type: NTFS
Drive D: | 206.97 Gb Total Space | 129.63 Gb Free Space | 62.64% Space Free | Partition Type: NTFS
Drive E: | 7.80 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CONORSLAPTOP | User Name: Conor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00BCC0AD-0699-48B6-9900-3C53BBCD4DAC}" = AVG 2011
"{0B7465E2-1A7E-4D21-8670-94D9C11449B8}" = AVG 2012
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{17118574-A5FD-4323-B005-311326F748B3}" = AVG 2011
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{2393F144-F88F-4FB3-8B57-9D6F8B4E8F9E}" = AVG 2011
"{34C5BC15-2401-4980-9D95-ABD2CE8DD08A}" = AVG 2011
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{42B40185-E134-43FD-9381-69F92B317417}" = AVG 2012
"{479AED4D-ADBF-4CA6-8D59-A010E8A43A9C}" = AVG 2011
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5349A735-7482-406F-9FE4-3BB24608479D}" = AVG 2012
"{544974E3-D015-401C-900C-E5D137BC930E}" = AVG 2011
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{78DC83C7-7E9D-4518-8DFE-C8BBF69173D9}" = AVG 2011
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82D8F93E-8A8C-4CCE-B88F-A99E4F3DECA7}" = AVG 2011
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88381CA0-AB27-45B5-8BB8-E68987822AF8}" = AVG 2012
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0401-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Arabic) 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{90120000-002A-041E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Thai) 2007
"{90120000-002A-041F-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Turkish) 2007
"{90120000-002A-0804-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-002A-0C04-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{BB4F0BE4-3DCB-4C5C-8B2B-C07CC916A6B5}" = AVG 2011
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D49110AD-34A7-485C-901D-DFBBFF70D3EC}" = AVG 2011
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC7333D1-596A-404D-876D-446E6D27BA20}" = AVG 2011
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4C703FE-7F5C-475D-9458-8E2FD7110790}" = AVG 2011
"{E92F43E9-D190-474E-8EAC-769E804D36C7}" = AVG 2011
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA109F0F-122E-4D48-9DBF-14DC02EE85E4}" = AVG 2011
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"ASUS WebStorage" = ASUS WebStorage
"AVG" = AVG 2012
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Speccy" = Speccy
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0401-0000-0000000FF1CE}" = Microsoft Office Access MUI (Arabic) 2007
"{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0015-041E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Thai) 2007
"{90120000-0015-041F-0000-0000000FF1CE}" = Microsoft Office Access MUI (Turkish) 2007
"{90120000-0015-0804-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Simplified)) 2007
"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007
"{90120000-0015-0C04-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0016-0401-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Arabic) 2007
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-041E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Thai) 2007
"{90120000-0016-041F-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Turkish) 2007
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0401-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Arabic) 2007
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-041E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Thai) 2007
"{90120000-0018-041F-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Turkish) 2007
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0019-0401-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Arabic) 2007
"{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-0019-041E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Thai) 2007
"{90120000-0019-041F-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Turkish) 2007
"{90120000-0019-0804-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007
"{90120000-0019-0C04-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-001A-0401-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Arabic) 2007
"{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001A-041E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Thai) 2007
"{90120000-001A-041F-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Turkish) 2007
"{90120000-001A-0804-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007
"{90120000-001A-0C04-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001B-0401-0000-0000000FF1CE}" = Microsoft Office Word MUI (Arabic) 2007
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-041E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Thai) 2007
"{90120000-001B-041F-0000-0000000FF1CE}" = Microsoft Office Word MUI (Turkish) 2007
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002C-0401-0000-0000000FF1CE}" = Microsoft Office Proofing (Arabic) 2007
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-002C-041E-0000-0000000FF1CE}" = Microsoft Office Proofing (Thai) 2007
"{90120000-002C-041F-0000-0000000FF1CE}" = Microsoft Office Proofing (Turkish) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0401-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Arabic) 2007
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-041E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Thai) 2007
"{90120000-006E-041F-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Turkish) 2007
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"ASUS AP Bank_is1" = ASUS AP Bank
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"BulentsScreenRecorder4" = BSR Screen Recorder 4
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"ZoneAlarm" = ZoneAlarm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/13/2011 8:05:47 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:47 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:48 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:49 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:50 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:51 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:52 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:53 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 8:05:54 PM | Computer Name = ConorsLaptop | Source = MsiInstaller | ID = 1013
Description =

Error - 10/13/2011 9:46:09 PM | Computer Name = ConorsLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: OfficeLiveSignIn.exe, version: 2.0.2313.0,
time stamp: 0x491c0a79 Faulting module name: OfficeLiveSignIn.exe, version: 2.0.2313.0,
time stamp: 0x491c0a79 Exception code: 0xc0000005 Fault offset: 0x00003ce7 Faulting
process id: 0xcac Faulting application start time: 0x01cc8a0672c63485 Faulting application
path: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe Faulting
module path: C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe Report
Id: 493d13ee-f606-11e0-8f60-485b3962acf6

[ System Events ]
Error - 11/1/2011 8:37:12 PM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/2/2011 2:10:11 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/2/2011 2:10:25 AM | Computer Name = ConorsLaptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:17:43 PM on 2/11/2011 was unexpected.

Error - 11/2/2011 2:10:23 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/2/2011 10:51:52 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/2/2011 10:52:03 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/3/2011 9:25:50 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/3/2011 9:26:01 AM | Computer Name = ConorsLaptop | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 11/5/2011 10:57:29 PM | Computer Name = ConorsLaptop | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/5/2011 10:57:29 PM | Computer Name = ConorsLaptop | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >
shakey1991

TDSS Killer log

Post by shakey1991 » November 5th, 2011, 11:22 pm

14:16:30.0337 1992 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
14:16:32.0350 1992 ============================================================
14:16:32.0350 1992 Current date / time: 2011/11/06 14:16:32.0350
14:16:32.0350 1992 SystemInfo:
14:16:32.0350 1992
14:16:32.0350 1992 OS Version: 6.1.7601 ServicePack: 1.0
14:16:32.0350 1992 Product type: Workstation
14:16:32.0350 1992 ComputerName: CONORSLAPTOP
14:16:32.0350 1992 UserName: Conor
14:16:32.0350 1992 Windows directory: C:\Windows
14:16:32.0350 1992 System windows directory: C:\Windows
14:16:32.0350 1992 Running under WOW64
14:16:32.0350 1992 Processor architecture: Intel x64
14:16:32.0350 1992 Number of processors: 4
14:16:32.0350 1992 Page size: 0x1000
14:16:32.0350 1992 Boot type: Normal boot
14:16:32.0350 1992 ============================================================
14:16:34.0128 1992 Initialize success
14:16:36.0920 0744 ============================================================
14:16:36.0920 0744 Scan started
14:16:36.0920 0744 Mode: Manual;
14:16:36.0920 0744 ============================================================
14:16:37.0888 0744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:16:37.0903 0744 1394ohci - ok
14:16:37.0950 0744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:16:37.0966 0744 ACPI - ok
14:16:38.0044 0744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:16:38.0044 0744 AcpiPmi - ok
14:16:38.0215 0744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:16:38.0231 0744 adp94xx - ok
14:16:38.0293 0744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:16:38.0309 0744 adpahci - ok
14:16:38.0402 0744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:16:38.0402 0744 adpu320 - ok
14:16:38.0574 0744 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
14:16:38.0590 0744 AFD - ok
14:16:38.0683 0744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:16:38.0683 0744 agp440 - ok
14:16:38.0808 0744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:16:38.0824 0744 aliide - ok
14:16:38.0839 0744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:16:38.0839 0744 amdide - ok
14:16:38.0933 0744 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:16:38.0933 0744 AmdK8 - ok
14:16:39.0089 0744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:16:39.0089 0744 AmdPPM - ok
14:16:39.0198 0744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:16:39.0198 0744 amdsata - ok
14:16:39.0245 0744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:16:39.0260 0744 amdsbs - ok
14:16:39.0354 0744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:16:39.0354 0744 amdxata - ok
14:16:39.0463 0744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:16:39.0479 0744 AppID - ok
14:16:39.0588 0744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:16:39.0588 0744 arc - ok
14:16:39.0713 0744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:16:39.0713 0744 arcsas - ok
14:16:39.0744 0744 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
14:16:39.0744 0744 AsDsm - ok
14:16:39.0838 0744 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
14:16:39.0838 0744 ASMMAP64 - ok
14:16:39.0962 0744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:16:39.0978 0744 AsyncMac - ok
14:16:40.0087 0744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:16:40.0087 0744 atapi - ok
14:16:40.0212 0744 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
14:16:40.0274 0744 athr - ok
14:16:40.0384 0744 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
14:16:40.0399 0744 AVGIDSDriver - ok
14:16:40.0555 0744 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
14:16:40.0555 0744 AVGIDSEH - ok
14:16:40.0618 0744 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
14:16:40.0618 0744 AVGIDSFilter - ok
14:16:40.0696 0744 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
14:16:40.0696 0744 Avgldx64 - ok
14:16:40.0727 0744 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
14:16:40.0742 0744 Avgmfx64 - ok
14:16:40.0789 0744 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
14:16:40.0789 0744 Avgrkx64 - ok
14:16:40.0836 0744 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
14:16:40.0852 0744 Avgtdia - ok
14:16:40.0976 0744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:16:40.0992 0744 b06bdrv - ok
14:16:41.0054 0744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:16:41.0054 0744 b57nd60a - ok
14:16:41.0086 0744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:16:41.0101 0744 Beep - ok
14:16:41.0148 0744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:16:41.0148 0744 blbdrive - ok
14:16:41.0179 0744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:16:41.0195 0744 bowser - ok
14:16:41.0226 0744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:16:41.0226 0744 BrFiltLo - ok
14:16:41.0242 0744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:16:41.0242 0744 BrFiltUp - ok
14:16:41.0288 0744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:16:41.0304 0744 Brserid - ok
14:16:41.0320 0744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:16:41.0320 0744 BrSerWdm - ok
14:16:41.0366 0744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:16:41.0366 0744 BrUsbMdm - ok
14:16:41.0413 0744 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:16:41.0413 0744 BrUsbSer - ok
14:16:41.0444 0744 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:16:41.0444 0744 BTHMODEM - ok
14:16:41.0538 0744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:16:41.0554 0744 cdfs - ok
14:16:41.0616 0744 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:16:41.0616 0744 cdrom - ok
14:16:41.0725 0744 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:16:41.0725 0744 circlass - ok
14:16:41.0772 0744 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:16:41.0788 0744 CLFS - ok
14:16:41.0944 0744 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:16:41.0944 0744 CmBatt - ok
14:16:41.0975 0744 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:16:41.0975 0744 cmdide - ok
14:16:42.0022 0744 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
14:16:42.0037 0744 CNG - ok
14:16:42.0146 0744 CnxtHdAudService (f7ca3accf5aa0e2182546c5be42b2e96) C:\Windows\system32\drivers\CHDRT64.sys
14:16:42.0178 0744 CnxtHdAudService - ok
14:16:42.0287 0744 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:16:42.0287 0744 Compbatt - ok
14:16:42.0334 0744 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:16:42.0349 0744 CompositeBus - ok
14:16:42.0396 0744 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:16:42.0396 0744 crcdisk - ok
14:16:42.0521 0744 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:16:42.0536 0744 DfsC - ok
14:16:42.0568 0744 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:16:42.0568 0744 discache - ok
14:16:42.0614 0744 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:16:42.0614 0744 Disk - ok
14:16:42.0661 0744 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:16:42.0661 0744 drmkaud - ok
14:16:42.0708 0744 dtsoftbus01 (9f98d7afa293947a0dfc6ffd4671fe70) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:16:42.0724 0744 dtsoftbus01 - ok
14:16:42.0770 0744 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:16:42.0817 0744 DXGKrnl - ok
14:16:42.0942 0744 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:16:43.0036 0744 ebdrv - ok
14:16:43.0192 0744 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:16:43.0207 0744 elxstor - ok
14:16:43.0238 0744 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:16:43.0238 0744 ErrDev - ok
14:16:43.0301 0744 ETD (06c94be9d9e1e6411429433a64a76936) C:\Windows\system32\DRIVERS\ETD.sys
14:16:43.0301 0744 ETD - ok
14:16:43.0348 0744 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:16:43.0363 0744 exfat - ok
14:16:43.0394 0744 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:16:43.0394 0744 fastfat - ok
14:16:43.0426 0744 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:16:43.0426 0744 fdc - ok
14:16:43.0472 0744 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:16:43.0472 0744 FileInfo - ok
14:16:43.0504 0744 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:16:43.0504 0744 Filetrace - ok
14:16:43.0535 0744 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:16:43.0550 0744 flpydisk - ok
14:16:43.0597 0744 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:16:43.0597 0744 FltMgr - ok
14:16:43.0644 0744 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:16:43.0644 0744 FsDepends - ok
14:16:43.0675 0744 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
14:16:43.0691 0744 fssfltr - ok
14:16:43.0722 0744 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:16:43.0722 0744 Fs_Rec - ok
14:16:43.0784 0744 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:16:43.0784 0744 fvevol - ok
14:16:43.0831 0744 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:16:43.0831 0744 gagp30kx - ok
14:16:44.0003 0744 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:16:44.0003 0744 hcw85cir - ok
14:16:44.0034 0744 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:16:44.0050 0744 HdAudAddService - ok
14:16:44.0096 0744 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:16:44.0096 0744 HDAudBus - ok
14:16:44.0159 0744 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
14:16:44.0159 0744 HECIx64 - ok
14:16:44.0190 0744 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:16:44.0190 0744 HidBatt - ok
14:16:44.0237 0744 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:16:44.0237 0744 HidBth - ok
14:16:44.0284 0744 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:16:44.0284 0744 HidIr - ok
14:16:44.0330 0744 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
14:16:44.0330 0744 HidUsb - ok
14:16:44.0393 0744 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:16:44.0393 0744 HpSAMD - ok
14:16:44.0471 0744 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:16:44.0486 0744 HTTP - ok
14:16:44.0580 0744 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:16:44.0580 0744 hwpolicy - ok
14:16:52.0177 0744 sptd (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys
14:16:52.0177 0744 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df
14:16:52.0177 0744 sptd ( LockedFile.Multi.Generic ) - warning
14:16:52.0177 0744 sptd - detected LockedFile.Multi.Generic (1)
14:16:55.0765 0744 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:16:55.0796 0744 \Device\Harddisk0\DR0 - ok
14:16:55.0812 0744 Boot (0x1200) (7011d49f6a4c5b1db836e09e062304ec) \Device\Harddisk0\DR0\Partition0
14:16:55.0812 0744 \Device\Harddisk0\DR0\Partition0 - ok
14:16:55.0828 0744 Boot (0x1200) (580cb32c3febd213363568f3e4f1ba5c) \Device\Harddisk0\DR0\Partition1
14:16:55.0843 0744 \Device\Harddisk0\DR0\Partition1 - ok
14:16:55.0843 0744 ============================================================
14:16:55.0843 0744 Scan finished
14:16:55.0843 0744 ============================================================
14:16:55.0859 5912 Detected object count: 1
14:16:55.0859 5912 Actual detected object count: 1
14:17:07.0512 5912 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:17:07.0512 5912 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am
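
One way to triage a scan log in the format posted above, as an added example that is not part of the original thread: it collects each detection with the hash, path and recorded user action, and flags entries reported "ok" although no file was hashed for them. The function name `triage`, the result keys and the regular expressions are assumptions inferred from the log lines on this page, not a documented grammar for the tool's output.

```python
import re

# Lines in the format of the scan log posted above: time, thread id, message.
SAMPLE_LOG = r"""
14:16:49.0494 0744 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:16:49.0494 0744 partmgr - ok
14:16:49.0541 0744 pccsmcfd - ok
14:16:52.0177 0744 sptd (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys
14:16:52.0177 0744 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df
14:16:52.0177 0744 sptd ( LockedFile.Multi.Generic ) - warning
14:16:52.0177 0744 sptd - detected LockedFile.Multi.Generic (1)
14:16:52.0224 0744 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:16:52.0240 0744 srv - ok
14:16:55.0765 0744 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:16:55.0796 0744 \Device\Harddisk0\DR0 - ok
14:16:55.0859 5912 Detected object count: 1
14:17:07.0512 5912 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:17:07.0512 5912 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
"""

# Patterns inferred from the lines above (assumption, not a published format).
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+\s+\d+\s+(?P<msg>.*)$")
HASHED = re.compile(
    r"^(?P<name>\S+)(?: \(0x[0-9A-Fa-f]+\))? \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$"
)
OK = re.compile(r"^(?P<target>.+) - ok$")
DETECTED = re.compile(r"^(?P<name>\S+) - detected (?P<verdict>\S+) \(\d+\)$")
ACTION = re.compile(
    r"^(?P<name>\S+) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$"
)
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


def triage(log_text):
    """Summarise a scan log: detections, user actions and unverified 'ok' entries."""
    hashed = {}           # object name -> (md5, path) of the last file hashed for it
    paths = set()         # boot objects are reported 'ok' by path, not by name
    hashed_count = 0
    ok_without_hash = []  # reported 'ok' although no file was hashed for the entry
    findings = {}
    reported = None

    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line["msg"]
        if m := HASHED.match(msg):
            hashed[m["name"]] = (m["md5"], m["path"])
            paths.add(m["path"])
            hashed_count += 1
        elif m := OK.match(msg):
            if m["target"] not in hashed and m["target"] not in paths:
                ok_without_hash.append(m["target"])
        elif m := DETECTED.match(msg):
            md5, path = hashed.get(m["name"], (None, None))
            findings[m["name"]] = {
                "verdict": m["verdict"], "md5": md5, "path": path, "action": None,
            }
        elif m := ACTION.match(msg):
            entry = findings.setdefault(
                m["name"],
                {"verdict": m["verdict"], "md5": None, "path": None, "action": None},
            )
            entry["action"] = m["action"]
        elif m := COUNT.match(msg):
            reported = int(m["n"])

    # A detection that was skipped, or has no recorded action, is still on disk.
    left_in_place = [n for n, f in findings.items() if f["action"] in (None, "Skip")]
    return {
        "hashed": hashed_count,
        "ok_without_hash": ok_without_hash,
        "findings": findings,
        "left_in_place": left_in_place,
        "reported_count": reported,
        "count_matches": reported == len(findings),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for name, info in result["findings"].items():
        print(name, info["verdict"], info["md5"], info["path"], info["action"])
    print("ok without a hashed file:", result["ok_without_hash"])
    print("left in place:", result["left_in_place"])
```
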

Re: I have a spam problem

Post by Gary R » November 6th, 2011, 6:22 am

We'll look at your Desktop once we've finished looking over your laptop.

No signs yet of any active Malware on your computer, however there are a few things that need addressing.

First

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Akamai NetSession Interface
µTorrent


P2P use is the surest way of contracting an infection that I know, and unless configured correctly (most people do not do so) then you may be "sharing" more than you realise. To receive help at this forum we insist on the removal of P2P programs.

Reboot your computer when finished.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:OTL
SRV - [2011/11/05 15:19:48 | 003,298,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d71b4a3.dll -- (Akamai)
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
[2011/09/27 22:45:00 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/10/01 00:51:16 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/04/02 02:03:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com
[2011/01/29 22:47:04 | 000,002,067 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\absearch-search.xml
[2011/01/03 05:29:25 | 000,002,568 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\askcom.xml
[2010/08/19 23:08:14 | 000,000,939 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\conduit.xml
[2011/01/06 18:07:10 | 000,002,059 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\daemon-search.xml
[2011/01/03 05:11:28 | 000,001,583 | ---- | M] () -- C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\web-search.xml
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKU\S-1-5-21-1299648625-2860720963-407481380-1001..\Run: [Akamai NetSession Interface] C:\Users\Conor\AppData\Local\Akamai\netsession_win.exe ()
O33 - MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\Shell\AutoRun\command - "" = J:\silent.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell - "" = AutoRun
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\directx\command - "" = G:\DirectX9\dxsetup.exe
O33 - MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\Shell\setup\command - "" = G:\setup.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

:Files
C:\Users\Conor\AppData\Local\{5E2C4EEB-7265-447C-AA79-21130061F118}
C:\Users\Conor\AppData\Local\{AF75A77A-1431-4E89-936D-F98090A5C83F}
C:\Users\Conor\AppData\Local\{745AC36C-4348-423D-B798-A1C52F2E58D3}
C:\Users\Conor\AppData\Local\{7F59D285-A34B-4B86-8BDA-B1D207FC3C8E}
C:\Users\Conor\AppData\Local\{C27BF2BA-2E62-4C7A-A530-B51DF7BE9582}
C:\Users\Conor\AppData\Local\{0601C911-8C73-4A03-A093-010FE691219F}
C:\Users\Conor\AppData\Local\{1295D578-1A73-46DC-A34E-A403D1AEF55D}
C:\Users\Conor\AppData\Local\{CC5DDE75-6D83-4519-8D32-6833B922D7D1}
C:\Users\Conor\AppData\Local\{18502E02-50C5-4480-9EAE-56097FD0D1EA}
C:\Users\Conor\AppData\Local\{E2A1DF50-852D-4973-9534-F012E9E5D329}
C:\Users\Conor\AppData\Local\{7FCCE177-A177-4BC5-B6AE-E31DD41CC684}
C:\Users\Conor\AppData\Local\{20A96406-ED3D-41B9-876B-4423481910F9}
C:\Users\Conor\AppData\Local\{310AFFF6-88AB-43F0-AD5F-74A7808DF696}
C:\Users\Conor\AppData\Local\{F66D0BE2-DC85-45BC-9CD2-A889CB28516A}
C:\Users\Conor\AppData\Local\{0981CD43-B67D-4333-966A-1CFF60F32BF5}
C:\Users\Conor\AppData\Local\{2F8E36CA-2E86-4DA3-9737-487E629850B0}
C:\Users\Conor\AppData\Local\{C7E69DC6-DEE7-41B8-BAB9-784D0027DBAC}
C:\Users\Conor\AppData\Local\{0940309C-46FE-4BFB-A1C1-790B406E7D2F}
C:\Users\Conor\AppData\Local\{3E80561F-3E01-4864-A829-79D9FDACD0CC}
C:\Users\Conor\AppData\Local\{A6848F3F-EE0E-4835-93FB-CB14D08D108C}
C:\Users\Conor\AppData\Local\{1A5AE91E-80D7-4B84-91A2-EB30A643659D}
C:\Users\Conor\AppData\Local\{4D6A326F-B1B1-45C8-A3CD-451E2AD2261A}
C:\Users\Conor\AppData\Local\{FA6313E4-5A55-4727-8026-6ECAA41E172E}
C:\Users\Conor\AppData\Local\{B9D7B339-8C6C-455F-8AC2-EE2994755175}
C:\Users\Conor\AppData\Local\{7B816A7A-44C2-42F6-A7A3-402F3F8DE8BC}
C:\Users\Conor\AppData\Local\{E7099B0C-59E6-4DD2-B627-ED45E31279C3}
C:\Users\Conor\AppData\Local\{02708CDD-B6DC-421E-B52B-345CD66A8ED8}
C:\Users\Conor\AppData\Local\{D273313B-0A21-4B08-A57E-CA50E08B9FAF}
C:\Users\Conor\AppData\Local\{FCFB4D9F-469F-4525-AB11-3CC0E57491B4}
C:\Users\Conor\AppData\Local\{B234E758-FCC8-4BC2-97A2-0A15294C5155}
C:\Users\Conor\AppData\Local\{CA0FDEE7-BED7-4149-BD46-5D61B08D9E91}
C:\Users\Conor\AppData\Local\{DD444E36-EA99-467B-9C50-D14426575D15}
C:\Users\Conor\AppData\Local\{FF62F229-D9CA-4070-9580-A226BB4536A7}
C:\Users\Conor\AppData\Local\{25E3D1FE-7A20-4E8F-AEC8-FA1484E86DB3}
C:\Users\Conor\AppData\Local\{14A3BD69-865D-48A5-853A-AFF7F8EE3CFB}
C:\Users\Conor\AppData\Local\{5B7BDF38-120F-451C-BA78-9756CD1538A3}
C:\Users\Conor\AppData\Local\{A90E646E-1093-4D07-A6F3-7A5E09D962E4}
C:\Users\Conor\AppData\Local\{12BF2572-F1F2-46CE-B289-214082698088}
C:\Users\Conor\AppData\Local\{059077C1-B18A-46BA-A28D-DF771C5ECAE2}
C:\Users\Conor\AppData\Local\{7C3CC3A0-52CA-4627-9EA3-5D3BC7690F4C}
C:\Users\Conor\AppData\Local\{66783162-B2DD-4D40-8F02-EBC8B35DB1CF}
C:\Users\Conor\AppData\Local\{3E03B0A2-8613-4E9A-BCF9-D26F87EDEBD8}
C:\Users\Conor\AppData\Local\{9C59225F-6EA2-4962-BE82-646AF0B3157C}
C:\Users\Conor\AppData\Local\{8D0EB217-E5AD-48FA-A02E-B033ED54DBE2}
C:\Users\Conor\AppData\Local\{5329DC93-4BA5-4B1E-81C7-7DAD662BCA1D}
C:\Users\Conor\AppData\Local\{F1FF5A71-7BEF-4787-A27D-68C8F2968595}
C:\Users\Conor\AppData\Local\{2F36AE1C-F6A7-45C0-B103-6964D7BBC263}
C:\Users\Conor\AppData\Local\{5CE8D47A-7E64-412D-929A-B136FF6514C6}
C:\Users\Conor\AppData\Local\{B859953E-CB00-46F1-886F-DB41E6246C5D}
C:\Users\Conor\AppData\Local\{33D215C4-C30F-49E9-978D-83E02C9BC2AC}
C:\Users\Conor\AppData\Local\{C96838A3-BBDE-47E2-8831-F181F615F408}
C:\Users\Conor\AppData\Local\{F401CA01-79EA-4A2B-B94B-647BFC48F5EE}
C:\Users\Conor\AppData\Local\{9E2F6361-B501-4E32-9E7F-0B6834AE33E6}
C:\Users\Conor\AppData\Local\{D5E4FEBE-ECAF-4298-8903-6BC724187794}
C:\Users\Conor\AppData\Local\{36A533DA-DAC6-49F4-A4AF-505A001A118F}
C:\Users\Conor\AppData\Roaming\Azureus
C:\Users\Conor\AppData\Roaming\StreamTorrent
C:\Users\Conor\AppData\Roaming\uTorrent
c:\program files (x86)\common files\akamai
C:\Users\Conor\AppData\Local\Akamai

:Commands
[CreateRestorePoint]
[EmptyTemp]
[Reboot]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: OTL will re-boot your computer. A log will be produced upon re-boot.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • OTL fix log
  • E-Set log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

OTL fix

Post by shakey1991 » November 6th, 2011, 8:52 am

All processes killed
========== OTL ==========
Error: No service named Akamai was found to stop!
Service\Driver key Akamai not found.
File c:\program files (x86)\common files\akamai/netsession_win_d71b4a3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\absearch-search.xml moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\askcom.xml moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\conduit.xml moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\Conor\AppData\Roaming\Mozilla\Firefox\Profiles\51qcqimq.default\searchplugins\web-search.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_USERS\S-1-5-21-1299648625-2860720963-407481380-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
File C:\Users\Conor\AppData\Local\Akamai\netsession_win.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1459cce6-1963-11e0-aa1b-485b3962acf6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1459cce6-1963-11e0-aa1b-485b3962acf6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1459cce6-1963-11e0-aa1b-485b3962acf6}\ not found.
File H:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36cc6a6b-1deb-11e0-83ba-485b3962acf6}\ not found.
File J:\silent.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
File G:\DirectX9\dxsetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea262bda-003a-11e0-9d80-485b3962acf6}\ not found.
File G:\setup.exe not found.
C:\Windows\SysWow64\ConduitEngine.tmp deleted successfully.
C:\Windows\SysNative\drivers\~GLH0023.TMP deleted successfully.
========== FILES ==========
C:\Users\Conor\AppData\Roaming\Azureus\torrents folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\tmp folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\subs folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\shares folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\rss folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\mlab folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\hvi folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\azutp\x64 folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\azutp\win32 folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\azutp folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\azupnpav folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\azemp folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins\aefeatman_v folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\plugins folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\net folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\logs\save folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\logs folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\dht folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\devices folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\cache folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus\active folder moved successfully.
C:\Users\Conor\AppData\Roaming\Azureus folder moved successfully.
C:\Users\Conor\AppData\Roaming\StreamTorrent\1.0\config folder moved successfully.
C:\Users\Conor\AppData\Roaming\StreamTorrent\1.0 folder moved successfully.
C:\Users\Conor\AppData\Roaming\StreamTorrent folder moved successfully.
C:\Users\Conor\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\Conor\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\Conor\AppData\Roaming\uTorrent folder moved successfully.
File\Folder c:\program files (x86)\common files\akamai not found.
File\Folder C:\Users\Conor\AppData\Local\Akamai not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Conor
->Temp folder emptied: 3749938 bytes
->Temporary Internet Files folder emptied: 13368478 bytes
->Java cache emptied: 7669329 bytes
->FireFox cache emptied: 50603365 bytes
->Google Chrome cache emptied: 92556321 bytes
->Flash cache emptied: 5662279 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170964 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes
RecycleBin emptied: 1960100 bytes

Total Files Cleaned = 168.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11062011_234709

Files\Folders moved on Reboot...
C:\Users\Conor\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Conor\AppData\Local\Temp\~DFE7C2D2AACB166BB3.TMP moved successfully.
File\Folder C:\Windows\temp\ZLT00d76.TMP not found!

Registry entries deleted on Reboot...
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am

internet issues

Post by shakey1991 » November 6th, 2011, 9:06 am

Sorry Gary, we have exceeded our bandwidth limit for this month and have to make do with dial-up speeds. I will post the online scan log around this time tomorrow or the following day.

Quick question: what is wrong with Akamai net interface? nfl.com asked me to install it to watch higher quality videos.
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am

Re: I have a spam problem

Post by Gary R » November 6th, 2011, 9:35 am

Akamai uses P2P technology to enable fast downloading, and having P2P programs of any kind can leave your computer vulnerable to infection.

P2P works by each member of the network enabling a certain proportion of their hard drive for use by the network, so that files can be "shared" across that network. It is this "sharing" that is both the strength of P2P, and from a security point of view the weakness of P2P.

P2P completely bypasses your firewall and anti-virus programs, which might otherwise "interfere" with the file transfer process.

Unless configured correctly (and most people do not configure P2P correctly), you may be exposing more of your computer to the P2P network than you realise, and even when they are configured correctly, the defensive "ring fencing" used by P2P programs to protect your computer, is easily overcome, leaving your computer open to exploit.

Akamai is a perfectly legitimate program, but use of it does leave your computer's defences seriously diminished, and it has been the experience of this forum that any use of P2P is not worth the security risk. 80% or more of the people coming to us with infection problems are users of P2P, but since we have introduced the "ban" on P2P (where we ask for all P2P programs to be uninstalled), the number of them that "re-offend" (come here for help again) has reduced dramatically.

Below are a few articles on P2P that you may wish to read ....

http://www.us-cert.gov/cas/tips/ST05-007.html
http://www.fbi.gov/scams-safety/peertopeer/oeertopeer
http://www.benedelman.org/spyware/p2p/
http://www.pcworld.com/article/126230/i ... works.html
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

eset log

Post by shakey1991 » November 8th, 2011, 6:26 am

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=818098e840e553458f06256c7e7a54a1
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-11-08 10:22:33
# local_time=2011-11-08 09:22:33 (+1000, AUS Eastern Daylight Time)
# country="Australia"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 985019 985019 0 0
# compatibility_mode=5893 16776574 100 94 19208516 72373694 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=9217 16777214 75 70 31657566 37366182 0 0
# scanned=132308
# found=0
# cleaned=0
# scan_time=7508
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am
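
As an added example (not part of the thread and not ESET's own tooling): a short Python check that reads the `# key=value` header of an ESET Online Scanner log like the one posted above, confirms it matches the scan settings requested earlier in the topic, and flags a log that was cut off. The mapping from log keys to scanner options is an assumption read off the key names, and the sample is an excerpt of the posted log.

```python
"""Check an ESET Online Scanner log header against the requested scan settings."""

# Sample input: an excerpt of the '# key=value' lines from the log posted above.
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-11-08 10:22:33
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 985019 985019 0 0
# scanned=132308
# found=0
# cleaned=0
# scan_time=7508
"""

# Assumption: these keys correspond to the options named in the instructions
# ("Remove found threats" unchecked, "Scan archives" checked, and the three
# Advanced Settings boxes ticked).
EXPECTED = {
    "remove_checked": "false",
    "archives_checked": "true",
    "unwanted_checked": "true",
    "unsafe_checked": "true",
    "antistealth_checked": "true",
}


def parse_eset_log(text):
    """Return {key: [values...]}; keys such as compatibility_mode repeat."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("#") or "=" not in line:
            continue  # banner lines such as "all ok" carry no key=value data
        key, _, value = line[1:].partition("=")
        fields.setdefault(key.strip(), []).append(value.strip().strip('"'))
    return fields


def review(fields):
    """Return (problems, summary) for a parsed log."""
    def last(key):
        return fields[key][-1] if key in fields else None

    problems = []
    if last("end") != "finished":
        problems.append("scan did not finish or log is cut off (end=%r)" % last("end"))
    for key, want in EXPECTED.items():
        if last(key) != want:
            problems.append("%s=%r, expected %r" % (key, last(key), want))

    summary = {}
    for counter in ("scanned", "found", "cleaned"):
        value = last(counter)
        if value is None or not value.isdigit():
            # A log truncated by the forum size limit loses these trailing lines.
            problems.append("counter %s missing or not numeric" % counter)
        else:
            summary[counter] = int(value)
    return problems, summary


if __name__ == "__main__":
    problems, summary = review(parse_eset_log(SAMPLE_LOG))
    print("summary:", summary)
    print("problems:", problems or "none")
```
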

Re: I have a spam problem

Post by Gary R » November 8th, 2011, 7:36 am

It looks as if your laptop is clean of infection, so if you'd like me to check your Desktop now, then please run scans with OTL and TDSSKiller, and post me the logs.

OTL.txt
Extras.txt
TDSSKiller log
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: I have a spam problem

Post by shakey1991 » November 8th, 2011, 7:56 am

Will do in the coming week, I have a hectic uni schedule atm.

So does the fact there was no infection mean my laptop is clean? How would someone gain access to my e-mail anyway? If the reasons are too varied don't bother haha, just thinking for the future, ways to prevent this from happening.
shakey1991
Active Member
 
Posts: 9
Joined: November 3rd, 2011, 3:32 am

Re: I have a spam problem

Post by Gary R » November 8th, 2011, 11:23 am

As I said earlier, with an online e-mail provider like hotmail or yahoo, it's not uncommon for an account to be hacked, you're not the first person this has happened to and you won't be the last.

Usually changing your password is all it takes to re-secure the account.

I'll leave this topic open for 3 days, if you post the logs from your Desktop within that time then we'll continue, if not I'll close the topic, and you can open a new topic when you're ready and post the logs to that.

In the meantime, we just need to do a little tidying up on your laptop.

Let's clear out OTL and the files and folders it created. This will also remove TDSSKiller.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire