Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Buzzdock Ads - how do i remove them?

  • 05-09-2013 12:28pm
    #1
    Registered Users, Registered Users 2 Posts: 43


    Everytime i do a search using Google, the first half page of results are coming up as Buzzdock Ads.

    I want to get rid of these.

    I searched on Google how to do it and there was a lot of references on various forums to go to Control Panel - Unistall Program and uninstall Buzzdock.

    However, i tried this and there is no listing of a Buzzdock application on my computer. I went down through the full list of applications and i know what each of them are for and none of them relate to BUzzdock.

    Anyone have any advice?

    Appreciate the help.

    btw - i'm using a Windows XP operating system and Internet Explorer web browser. I'm not exactle technically gifted when it comes to computers so please dumb down any advice!

    Thanks.


Comments

  • Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files here


  • Registered Users, Registered Users 2 Posts: 43 IntoYourSister


    jsa112 wrote: »
    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files here

    OK. Thanks very much. It will be this evening before i get a chance to do this.

    Thanks again.


  • Registered Users, Registered Users 2 Posts: 43 IntoYourSister


    OTL.txt

    OTL logfile created on: 9/5/2013 9:44:05 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paulo\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 57.32% Memory free
    7.60 Gb Paging File | 5.54 Gb Available in Paging File | 72.87% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.01 Gb Total Space | 288.99 Gb Free Space | 64.08% Space Free | Partition Type: NTFS

    Computer Name: PAULO-PC | User Name: Paulo | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/09/05 21:42:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Paulo\Downloads\OTL.exe
    PRC - [2013/08/09 08:03:09 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files (x86)\WADesktop.Updater.exe
    PRC - [2013/04/16 09:12:22 | 000,208,920 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7rtscan.exe
    PRC - [2013/04/02 09:14:04 | 000,154,136 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7emlpxy.exe
    PRC - [2013/03/29 12:49:02 | 000,163,864 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7tsecurity.exe
    PRC - [2013/03/29 11:12:28 | 000,241,288 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7tsmngr.exe
    PRC - [2012/08/08 20:04:06 | 000,070,656 | ---- | M] (Nike) -- C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
    PRC - [2011/12/21 15:16:54 | 000,262,752 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe
    PRC - [2011/11/14 19:26:48 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    PRC - [2011/11/05 12:50:19 | 000,072,800 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SysMon.Exe
    PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2010/03/17 22:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2010/03/17 22:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
    PRC - [2009/12/23 23:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2009/12/23 23:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2009/12/15 22:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    PRC - [2009/11/13 22:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    PRC - [2009/06/24 22:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2009/05/21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    PRC - [2009/05/21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/02/13 21:05:10 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5313101ea19adc3e2dfe99fd480f839f\System.Web.Services.ni.dll
    MOD - [2013/02/13 21:05:08 | 011,824,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
    MOD - [2013/02/13 21:04:53 | 012,433,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
    MOD - [2013/01/15 20:37:31 | 000,997,888 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\ee4683cbfd60ee35d95e2e6d32fc3981\System.Management.ni.dll
    MOD - [2013/01/15 20:29:04 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
    MOD - [2013/01/15 20:28:25 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
    MOD - [2013/01/15 20:28:08 | 003,325,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
    MOD - [2013/01/15 20:28:02 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
    MOD - [2013/01/15 20:27:58 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
    MOD - [2013/01/15 20:27:57 | 007,974,400 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
    MOD - [2013/01/15 20:27:51 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
    MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
    MOD - [2009/12/15 22:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    MOD - [2009/11/13 22:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    MOD - [2009/11/13 22:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
    MOD - [2009/11/13 22:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
    MOD - [2009/11/13 22:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
    MOD - [2009/11/13 22:15:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
    MOD - [2009/11/13 22:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2010/03/17 22:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2010/03/17 22:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Disabled | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/02 00:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Disabled | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Disabled | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/04/16 09:12:22 | 000,208,920 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7rtscan.exe -- (K7RTScan)
    SRV - [2013/04/02 09:14:04 | 000,154,136 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7emlpxy.exe -- (K7EmlPxy)
    SRV - [2013/03/29 11:12:28 | 000,241,288 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\k7tsmngr.exe -- (K7TSMngr)
    SRV - [2011/12/21 15:16:54 | 000,262,752 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7CrvSvc.exe -- (K7CrvSvc)
    SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [Disabled | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Disabled | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/17 22:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2010/03/17 22:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2010/03/17 22:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
    SRV - [2010/03/17 22:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Disabled | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe -- (STacSV)
    SRV - [2009/12/23 23:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/05/21 14:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/08/01 04:44:42 | 001,199,904 | ---- | M] (K7 Computing Pvt Ltd) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\K7Sentry.sys -- (K7Sentry)
    DRV:64bit: - [2013/07/23 14:38:26 | 000,107,296 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\K7FWHlpr.Sys -- (K7FWHlpr)
    DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/07/30 11:24:30 | 000,158,720 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
    DRV:64bit: - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/04/19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
    DRV:64bit: - [2010/03/17 22:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/17 22:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/03/17 22:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2010/03/17 22:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2010/03/17 22:27:14 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/02/27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/02/03 15:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/02/03 07:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
    DRV:64bit: - [2010/02/03 07:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/12/17 16:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/07/03 07:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2009/07/03 07:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2009/07/03 07:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2009/07/03 07:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2009/06/15 19:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2006/11/01 17:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ie/
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)



    ========== Chrome ==========

    CHR - homepage: http://www.google.com/
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\pdf.dll
    CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gears.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
    O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab (PhotoboxPhotowaysUploader5 Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61A09BC0-02EB-44B7-B593-A5C9C13521C7}: DhcpNameServer = 172.31.140.69 172.30.140.69
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D43BE858-1D4F-41C4-BB7B-6F81C30AC4EA}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (K7TSDbg)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/09/04 22:45:46 | 000,000,000 | ---D | C] -- C:\windows\pss
    [2013/09/04 22:29:00 | 000,000,000 | ---D | C] -- C:\Users\Paulo\AppData\Roaming\Anvisoft
    [2013/09/04 22:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
    [2013/09/04 22:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
    [2013/09/04 22:28:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
    [2013/09/04 03:04:28 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
    [2013/08/26 21:46:44 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
    [2013/08/26 21:02:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Betcat
    [2013/08/11 17:47:12 | 000,000,000 | ---D | C] -- C:\Users\Paulo\AppData\Roaming\Betcat
    [2013/08/09 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\Paulo\AppData\Roaming\Web Cake
    [2013/08/09 08:03:09 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WADesktop.Updater.exe

    ========== Files - Modified Within 30 Days ==========

    [2013/09/05 21:39:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2013/09/03 08:46:36 | 000,013,872 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/09/03 08:46:36 | 000,013,872 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/09/03 08:39:04 | 3062,812,672 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/29 15:07:59 | 000,000,017 | ---- | M] () -- C:\windows\SysWow64\shortcut_ex.dat
    [2013/08/09 08:03:09 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files (x86)\WADesktop.Updater.exe

    ========== Files Created - No Company Name ==========

    [2013/08/29 15:07:59 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
    [2011/09/17 13:00:25 | 000,160,768 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
    [2010/10/20 21:03:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2008/12/11 13:27:24 | 001,320,608 | ---- | C] () -- C:\Users\Paulo\AppData\Roaming\com.kennettnet.MusicRescue4.Profiles.plist
    [2008/12/11 12:53:20 | 000,379,174 | ---- | C] () -- C:\Users\Paulo\AppData\Roaming\com.kennettnet.MusicRescue4.plist

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/09/04 22:48:42 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\Anvisoft
    [2013/09/04 20:17:18 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\Betcat
    [2013/06/09 10:03:46 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\GoforFiles
    [2013/08/29 15:07:49 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\SoftGrid Client
    [2013/07/26 22:47:00 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\Spotify
    [2010/12/03 00:26:59 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\TP
    [2013/07/26 22:46:45 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\uTorrent
    [2013/08/11 23:22:00 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\Web Cake
    [2012/02/17 11:32:26 | 000,000,000 | ---D | M] -- C:\Users\Paulo\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========


    < End of report >


  • Registered Users, Registered Users 2 Posts: 43 IntoYourSister


    Extras.txt

    OTL Extras logfile created on: 9/5/2013 9:44:05 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paulo\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 57.32% Memory free
    7.60 Gb Paging File | 5.54 Gb Available in Paging File | 72.87% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.01 Gb Total Space | 288.99 Gb Free Space | 64.08% Space Free | Partition Type: NTFS

    Computer Name: PAULO-PC | User Name: Paulo | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0DFDAFF5-2533-4DD3-AF12-B195F0431D31}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{180D715D-B779-4758-B694-C0347B29246B}" = rport=139 | protocol=6 | dir=out | app=system |
    "{1A43C19A-30F8-4507-B085-E6C5D4563762}" = rport=445 | protocol=6 | dir=out | app=system |
    "{1B8E4133-C50F-4B04-9750-F0A7FCAC059B}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{1F8181A1-B9FE-4D7E-B186-0F827CDC3D82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{2697130B-B7E2-40D6-83CB-CA369D733DAC}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{3FC35DDD-896C-4EED-A073-AE9BBBD0109E}" = rport=138 | protocol=17 | dir=out | app=system |
    "{453407BF-330B-42B9-8881-EA7744D92D3B}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{47135E82-1C7C-4FA0-A2AE-594BF8C00BF9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4CACD3AF-BA7B-4A3A-B7B0-2EB7BC59C42C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{6282879A-0178-4666-8FF7-C8056A246454}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{71109315-7B51-4684-8BBD-6DD2412935BF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [EMAIL="name=@firewallapi.dll,-28539"]name=@firewallapi.dll,-28539[/EMAIL] |
    "{720028EC-1548-42FA-87A3-22CA15A2DBD3}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{7CFC34D2-FA2D-40B3-B44B-A30068706A51}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7EBA1749-D261-40FA-9BFE-18F002F118E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{80CE391B-EE05-41C1-9530-7C95C2665894}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{8FCF9E7F-E272-428E-BB4C-44F553A1CBA2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{90C3D412-88AA-4286-ABEF-16A6BB7820E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{9217DD4B-EB5E-435B-BEF2-4ABAE512F7C6}" = lport=445 | protocol=6 | dir=in | app=system |
    "{96EEA1F7-3A6B-4B76-8FA1-28AE0F6F4C5B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{A29E5FA8-64B1-41B9-AD44-A6A2B6484667}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A84CC364-3472-4B33-A147-E078BE267DFF}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C9D136A5-958F-466D-819C-78127195C026}" = rport=137 | protocol=17 | dir=out | app=system |
    "{DD1FB2A3-93C4-478B-8C06-99FE6D6038E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DE3B5E08-98AE-4396-8BC5-D49F90590497}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{E0A30283-430C-4387-91AD-26192F4B9C76}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{EFE27EBF-B1E9-4707-B7F4-A91EBC35051D}" = lport=139 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0A43B063-2113-4152-9BE6-13A03A4D9121}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
    "{194E9C4E-3C99-43BE-BB1A-28BA8CC400D4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{1D605E48-283A-467A-B5AA-90A73E620C88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1F130003-D242-431A-9823-9B44C7C8D2B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{22995E5F-F346-4AF7-A0D6-C071F9FD51CE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{2CF4D639-2C9A-40B1-83D1-3094E2EF5A5D}" = protocol=58 | dir=out | [EMAIL="name=@firewallapi.dll,-28546"]name=@firewallapi.dll,-28546[/EMAIL] |
    "{36D8CA3D-2D84-40E4-8809-A7BD5C7DEFBE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{3E4EBC1C-91AF-4BA7-AA95-1A6E51CAA4BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{4153F84E-3761-49DC-B9C7-7BD0F0793605}" = protocol=1 | dir=out | [EMAIL="name=@firewallapi.dll,-28544"]name=@firewallapi.dll,-28544[/EMAIL] |
    "{43576AD8-60A8-41F9-98C3-64FD5735952A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{47991CA6-49C8-48C8-8450-CAECCCDC706B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{48C9D6C0-EB1A-4653-990F-EC2674EAFE2F}" = protocol=6 | dir=out | app=system |
    "{54367EF0-1464-4B07-96EF-A5F936C09BA4}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
    "{7580CBE5-B69B-400C-9FC1-9E67837A8D39}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{7E4523E9-7A2F-4342-B715-2B95CFE5ABBF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7E9AF205-A982-45B3-B775-F7CBBEBADFAB}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
    "{8331298C-2F1C-4E77-88C8-9EEC7A192D84}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{84103ADA-04F9-4A20-B587-28D9EE4E5E87}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{88FAA206-5C46-4CFC-B75A-A8FCB550FFE3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{895B50FE-4D47-4BDB-B7EB-2B7A7699ADBE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{89C50B6C-A0AF-4A43-9FB5-8FDF1D0F4A88}" = protocol=58 | dir=in | [EMAIL="name=@firewallapi.dll,-28545"]name=@firewallapi.dll,-28545[/EMAIL] |
    "{9466F63C-1AA7-49E2-902C-DCAB0294F315}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9609E591-D814-4BB8-9760-218D6667EEED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{9AE206B4-3D32-4146-AE64-14CC74184364}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{A1CAF734-DA4E-4514-BC53-FC3DE61EA95A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{A279290D-8CD4-4389-A220-D221DE0179DA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{B0067110-42D3-4FB3-A2A3-7AB640CF6E44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{B05CD70E-BEDD-402D-A425-8010DA3225C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{B8106AF7-00E8-40FD-AA80-5C605C42B236}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{BA1E6E25-AF91-4F0B-89AE-413894A29DF9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{BADF66D4-7252-4E10-9141-E0BD123A7E2E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{C0523901-4D5A-4318-B57C-425DCC4C9796}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C80B599C-6462-4CD1-8F36-9725DA74D025}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{D3F2974E-D987-419B-BD5B-3E6AF9D19B51}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
    "{DF78476B-8673-4AD8-85A2-5CA9A3B0BBD2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{DFDB74D5-E079-4167-814E-5ED826CC064E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{E02F1962-A618-4375-BA24-DB836C3708E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F9DC7E62-ACDC-472E-AA98-2D3A4467A84E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{FB0B40AC-817B-43AB-BF81-7C03723139F2}" = protocol=1 | dir=in | [EMAIL="name=@firewallapi.dll,-28543"]name=@firewallapi.dll,-28543[/EMAIL] |
    "TCP Query User{39C2B97A-DA9F-4A35-9484-10FE9102D677}C:\users\paulo\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\paulo\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{93BB405F-E5CF-4BF9-8C40-F9E99BAE6C9C}C:\users\paulo\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\paulo\appdata\roaming\spotify\spotify.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
    "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
    "{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
    "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "DW WLAN Card" = DW WLAN Card
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "conduitEngine" = Conduit Engine
    "Dell Dock" = Dell Dock
    "Dell Webcam Central" = Dell Webcam Central
    "K7AntiVirus Plus" = K7AntiVirus Plus
    "Nike+ Connect" = Nike+ Connect
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "uTorrent" = µTorrent
    "uTorrentBar Toolbar" = uTorrentBar Toolbar
    "VLC media player" = VLC media player 1.1.4
    "WinLiveSuite" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Spotify" = Spotify

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 8/5/2013 3:15:35 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2714

    Error - 8/5/2013 3:15:41 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/5/2013 3:15:41 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 9219

    Error - 8/5/2013 3:15:41 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 9219

    Error - 8/5/2013 3:15:50 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/5/2013 3:15:50 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 18439

    Error - 8/5/2013 3:15:50 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 18439

    Error - 8/11/2013 2:27:01 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/11/2013 2:27:01 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 2296335

    Error - 8/11/2013 2:27:01 PM | Computer Name = Paulo-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 2296335

    [ Dell Events ]
    Error - 7/20/2011 4:14:28 PM | Computer Name = Paulo-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    [ Media Center Events ]
    Error - 11/5/2010 3:59:17 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 19:59:16 - Error connecting to the internet. 19:59:17 - Unable
    to contact server..

    Error - 11/5/2010 3:59:29 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 19:59:22 - Error connecting to the internet. 19:59:22 - Unable
    to contact server..

    Error - 11/5/2010 4:59:36 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 20:59:36 - Error connecting to the internet. 20:59:36 - Unable
    to contact server..

    Error - 11/5/2010 4:59:42 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 20:59:41 - Error connecting to the internet. 20:59:41 - Unable
    to contact server..

    Error - 11/5/2010 5:59:54 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 21:59:54 - Error connecting to the internet. 21:59:54 - Unable
    to contact server..

    Error - 11/5/2010 6:00:03 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 21:59:59 - Error connecting to the internet. 21:59:59 - Unable
    to contact server..

    Error - 11/5/2010 7:00:16 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 23:00:15 - Error connecting to the internet. 23:00:15 - Unable
    to contact server..

    Error - 11/5/2010 7:00:25 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 23:00:21 - Error connecting to the internet. 23:00:21 - Unable
    to contact server..

    Error - 11/24/2010 4:55:06 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 20:55:06 - Error connecting to the internet. 20:55:06 - Unable
    to contact server..

    Error - 11/24/2010 4:55:15 PM | Computer Name = Paulo-PC | Source = MCUpdate | ID = 0
    Description = 20:55:11 - Error connecting to the internet. 20:55:11 - Unable
    to contact server..

    [ System Events ]
    Error - 9/1/2013 4:32:27 AM | Computer Name = Paulo-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x80070643: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

    Error - 9/1/2013 10:04:41 PM | Computer Name = Paulo-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

    Error - 9/3/2013 3:45:45 AM | Computer Name = Paulo-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 6
    Description = The Service Pack cannot be installed when the computer is running
    on battery power.

    Error - 9/3/2013 3:45:45 AM | Computer Name = Paulo-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 8
    Description = Service Pack installation failed with error code 0x800f0829.

    Error - 9/3/2013 3:45:55 AM | Computer Name = Paulo-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x80070643: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

    Error - 9/3/2013 10:40:19 PM | Computer Name = Paulo-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

    Error - 9/4/2013 5:45:43 PM | Computer Name = Paulo-PC | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error - 9/4/2013 5:45:43 PM | Computer Name = Paulo-PC | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error - 9/4/2013 5:45:43 PM | Computer Name = Paulo-PC | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error - 9/4/2013 5:45:43 PM | Computer Name = Paulo-PC | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for Start with the following error:
    %%5


    < End of report >


  • Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    not seeing much


    download adwcleaner, run it and post its log

    http://www.bleepingcomputer.com/download/adwcleaner/


    download malwarebytes update it, run a quick scan post that log too

    http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 43 IntoYourSister


    Sorry. I should have said that before i did what you said i ran some other program that was recommended based on a google search and that seems to have done the trick.

    My only problem now is that when i go a Google search i'm getting a lot of Google ads at the start of the my search results.

    Can this be stopped?

    Thanks again for your help.


  • Registered Users, Registered Users 2 Posts: 840 ✭✭✭jsa112


    do the above steps anyway, they should help


Advertisement