BullGuard
Slow Internet Connection
   
Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/15/2013 10:32 AM (GMT +3)
Hello,

I have recently had quite a few issues with my internet lately. At first I thought it was my Internet Provider, but after using a few other devices (phones, iPads) and seeing that they can easily connect through our router to browse I realized it must be something on my actual PC. I have run scans with Norton as well as CCleaner, MalwareBytes and only picked up browser cookies for deletion. I think I may have some kind of virus or malware on my computer but am really unsure.

I can browse most sites with no slowing down issues or anything. Though when I use a Google search or connect to ANY online game my computer's connection speed chugs so slowly.

I have used these BullGuard forums in the past (few years ago) and you guys fixed my problem so professionally. I'm getting desperate now and have no clue on what to do.

Thank you in advance for your help.


Logfile of HijackThis v1.99.1
Scan saved at 5:11:34 PM, on 15/06/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Norton Utilities 14\RMTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Users\Chris\Downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coIEPlg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coIEPlg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe /S
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Unknown owner - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Steelstring13
Posted 6/15/2013 10:39 AM (GMT +3)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.14.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16614
Chris :: CHRIS-PC [administrator]

15/06/2013 1:47:10 PM
mbam-log-2013-06-15 (13-47-10).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 677670
Time elapsed: 1 hour(s), 34 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2
Run by Chris at 17:17:58 on 2013-06-15
Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.61.1033.18.8142.5369 [GMT 10:00]
.
AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Program Files (x86)\Norton Utilities 14\RMTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360}
mWinlogon: Userinit = userinit.exe,
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\CoIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\CoIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
uRun: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe /S
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\4556C637472716739373536453F5548545 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\77962756C6563737 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\8496D4963627F6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-2-25 16152]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1100000.088\SymDS64.sys [2013-6-15 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1100000.088\SymEFA64.sys [2013-6-15 217136]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx64.sys [2013-6-15 641584]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1100000.088\ccHPx64.sys [2013-6-15 615040]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccSetx64.sys [2013-6-15 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVia64.sys [2013-6-15 467504]
R1 nbdrv;NetBalancer LightWeight Filter;C:\Windows\System32\drivers\nbdrv.sys [2013-4-18 41392]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1100000.088\Ironx64.sys [2013-6-15 146992]
R1 SYMTDIV;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\NISx64\1100000.088\symtdiv.sys [2013-6-15 450608]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-12 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-2-25 128280]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-2-26 189608]
R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2013-2-26 49376]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-25 161560]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe [2013-6-15 144520]
R2 NetBalancerService;NetBalancerService;C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2013-4-18 10752]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2013-6-15 126392]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-25 363800]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-2-25 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-2-25 787736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-4-17 79360]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-25 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-25 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-25 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-25 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-06-15 06:29:57 168096 ----a-r- C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccSetx64.sys
2013-06-15 06:29:54 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03030.013
2013-06-15 06:29:54 -------- d-----w- C:\Windows\System32\drivers\NSTx64
2013-06-15 06:29:54 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe
2013-06-15 06:20:06 -------- d-----w- C:\Windows\pss
2013-06-15 06:15:03 -------- d-----w- C:\Users\Chris\AppData\Roaming\Norton Utilities 14
2013-06-15 06:10:29 880640 ----a-w- C:\Windows\SysWow64\UniBox10.ocx
2013-06-15 06:10:29 212992 ----a-w- C:\Windows\SysWow64\UniBoxVB12.ocx
2013-06-15 06:10:29 1101824 ----a-w- C:\Windows\SysWow64\UniBox210.ocx
2013-06-15 06:09:25 -------- d-----w- C:\ProgramData\Norton Installer
2013-06-15 06:08:58 506368 ----a-w- C:\Windows\SysWow64\msxml.dll
2013-06-15 06:08:57 -------- d-----w- C:\Program Files (x86)\Norton Utilities 14
2013-06-15 03:37:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-06-15 03:37:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-14 12:58:45 -------- d-----w- C:\Program Files\CCleaner
2013-06-14 10:12:32 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2013-06-12 10:28:51 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 10:23:39 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-12 10:23:39 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-12 10:23:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-12 10:23:27 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-12 10:23:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-12 10:23:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-12 10:22:25 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-12 10:22:25 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-12 10:22:25 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-12 10:22:25 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-12 10:22:25 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-12 10:22:25 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 10:22:25 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-12 10:22:25 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-12 10:22:25 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-12 10:22:25 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-06-12 10:22:09 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-12 10:22:09 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-10 10:45:28 -------- d-----w- C:\Users\Chris\AppData\Local\CRE
2013-06-10 10:33:37 -------- d-----w- C:\Users\Chris\jagexcache1
2013-06-07 10:14:49 -------- d-----w- C:\Program Files (x86)\Asoftech
2013-06-07 10:08:32 634880 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2013-06-07 10:08:32 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2013-06-07 10:08:32 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2013-06-07 10:08:32 270468 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2013-06-07 10:08:32 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2013-06-07 10:08:32 159876 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2013-06-07 10:08:32 151552 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2013-06-07 10:03:14 -------- d-----w- C:\Users\Chris\AppData\Local\Bundled software uninstaller
2013-06-07 09:59:38 -------- d-----w- C:\Windows\SysWow64\WNLT
2013-06-07 09:46:55 -------- d-----w- C:\Users\Chris\AppData\Local\KSafe
2013-06-07 09:45:55 -------- d-----w- C:\Users\Chris\AppData\Roaming\kingsoft
2013-06-07 09:45:52 -------- d-----w- C:\ProgramData\Kingsoft
2013-06-07 09:45:50 -------- d-----w- C:\Program Files (x86)\Kingsoft
2013-06-07 08:47:17 -------- d-----w- C:\Users\Chris\AppData\Roaming\Malwarebytes
2013-06-07 08:47:06 -------- d-----w- C:\ProgramData\Malwarebytes
2013-06-03 13:41:22 -------- d-----w- C:\Users\Chris\AppData\Roaming\asoftech
2013-06-03 13:40:13 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-02 13:48:19 -------- d-----w- C:\Program Files (x86)\Project64 2.1
2013-05-27 15:05:45 -------- d-----w- C:\Users\Chris\AppData\Roaming\Image-Line
2013-05-27 15:05:44 -------- d-----w- C:\Program Files\Image-Line
2013-05-27 15:05:35 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2013-05-27 15:05:34 -------- d-----w- C:\Users\Chris\AppData\Roaming\FlowStone
2013-05-27 15:05:34 -------- d-----w- C:\Program Files (x86)\DSPRobotics
2013-05-27 12:46:30 -------- d-----w- C:\Program Files (x86)\Common Files\digidesign
2013-05-27 11:51:56 86016 ----a-w- C:\Windows\unvise32.exe
2013-05-26 12:39:39 -------- d-----w- C:\Users\Chris\AppData\Roaming\NetBeans
2013-05-26 12:39:39 -------- d-----w- C:\Users\Chris\AppData\Local\NetBeans
2013-05-26 12:32:43 -------- d-----w- C:\Program Files (x86)\NetBeans 7.3
2013-05-22 12:11:15 -------- d-s---w- C:\Users\Chris\Google Drive
2013-05-21 14:27:55 -------- d-----w- C:\Users\Chris\jagexcache
2013-05-18 07:28:56 -------- d-----w- C:\Users\Chris\AppData\Roaming\FAHClient
2013-05-16 14:13:04 -------- d-----w- C:\Users\Chris\AppData\Local\Mumble
2013-05-16 10:27:08 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-16 10:27:08 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-16 10:27:08 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-16 10:26:48 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-16 10:26:47 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-16 10:26:47 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-16 10:26:47 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-16 10:26:31 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-16 10:26:31 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-16 10:26:28 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2013-06-15 06:44:28 173104 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-06-15 03:23:07 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-06-15 03:23:07 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-06-15 03:22:54 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-06-12 01:12:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 01:12:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-04 11:53:12 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-05-04 11:53:12 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-05-04 11:53:12 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-05-04 11:53:12 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-04-28 02:33:22 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-03 19:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-19 08:29:08 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-19 08:29:08 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-17 09:07:43 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 17:18:10.23 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate N
Boot Device: \Device\HarddiskVolume1
Install Date: 25/02/2013 11:51:00 AM
System Uptime: 15/06/2013 4:31:06 PM (1 hours ago)
.
Motherboard: Intel Corporation | | DB75EN
Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 25.866 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 233 GiB total, 105.104 GiB free.
G: is FIXED (NTFS) - 699 GiB total, 457.692 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: X5XSEx_Pr143
Device ID: ROOT\LEGACY_X5XSEX_PR143\0000
Manufacturer:
Name: X5XSEx_Pr143
PNP Device ID: ROOT\LEGACY_X5XSEX_PR143\0000
Service: X5XSEx_Pr143
.
==== System Restore Points ===================
.
RP122: 13/06/2013 12:42:18 AM - Windows Update
RP123: 13/06/2013 9:02:08 PM - Windows Update
RP124: 13/06/2013 10:21:08 PM - TrueCrypt uninstallation
RP125: 13/06/2013 10:21:51 PM - Removed SweetIM for Messenger 3.7
RP126: 14/06/2013 8:43:19 PM - Norton 360 Registry Clean
RP127: 15/06/2013 4:16:16 PM - Made by Norton Utilities
RP128: 15/06/2013 4:18:23 PM - Made by Norton Utilities
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Antichamber
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
µTorrent
Audacity 2.0.3
AutoMe
Battlefield 3™
Battlelog Web Plugins
Bonjour
Borderlands 2
CCleaner
Curse Client
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DisplayFusion 3.1.6
DLC Quest
Droid Assault
Dust: An Elysian Tail
EDGE
ESN Sonar
Evoland
Far Cry® 3
Far Cry® 3 Blood Dragon
FEZ
FL Studio 11
FlowStone FL 3.0
Fraps (remove only)
G-Force
GameSpy Comrade
GIMP 2.8.4
Google Chrome
Google Drive
Google Update Helper
Hardcore
Hydra VSTi/DXi v1.2
IL Download Manager
IL Shared Libraries
Intel(R) Control Center
Intel(R) Desktop Utilities
Intel(R) Integrator Toolkit 5
Intel(R) Manageability Engine Firmware Recovery Agent
Intel(R) Management Engine Components
Intel(R) Network Connections 16.8.46.0
Intel(R) Rapid Storage Technology
Intel(R) Small Business Advantage
Intel(R) Update Manager
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 21
Java Auto Updater
Java SE Development Kit 7 Update 21
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Mozilla Maintenance Service
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Mumble 1.2.3
My Game Long Name
NetBalancer
NetBeans IDE 7.3
Norton Identity Safe
Norton Internet Security
Norton Utilities
NVIDIA 3D Vision Controller Driver 314.22
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Graphics Driver 314.22
NVIDIA HD Audio Driver 1.3.23.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
Ohm Force - Ohmicide VST
OpenAL
Origin
PoiZone
Project 64 version 2.1.0.1
Puddle
PunkBuster Services
Realtek High Definition Audio Driver
Reus
RUSH
Sawer
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Simple Shutdown Timer
Symphony
They Bleed Pixels
Toki Tori
Toxic Biohazard
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay
Vegas Pro 12.0 (64-bit)
Virtual DJ Pro Full - Atomix Productions
VirtualCloneDrive
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.5
Waves Diamond Bundle v5.2
Winamp
Winamp Detector Plug-in
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
15/06/2013 4:33:16 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/06/2013 4:33:16 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
15/06/2013 4:31:13 PM, Error: Service Control Manager [7000] - The X5XSEx_Pr143 service failed to start due to the following error: The system cannot find the path specified.
15/06/2013 4:23:28 PM, Error: VDS Basic Provider - Unexpected failure. Error code: 490@01010004
14/06/2013 9:59:46 PM, Error: Service Control Manager [7000] - The DisplayFusionService service failed to start due to the following error: The system cannot find the file specified.
13/06/2013 12:42:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Windows Malicious Software Removal Tool x64 - June 2013 (KB890830).
12/06/2013 11:03:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
12/06/2013 11:03:56 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/16/2013 2:53 AM (GMT +3)
Hi Steelstring13
 
 
 
Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe
 
 
  • Double-click the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Select All Users
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
 
 
Post both logs


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 


Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
   Posted 6/16/2013 5:05 AM (GMT +3)
Hello Touch,

I believe you're the person who sorted me out last time :)

OTL logfile created on: 16/06/2013 11:59:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads
64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.84% Memory free
19.87 Gb Paging File | 17.28 Gb Available in Paging File | 86.96% Paging File free
Paging file location(s): g:\pagefile.sys 12211 12211 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 23.27 Gb Free Space | 19.53% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 104.95 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/16 11:55:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Chris\Downloads\OTL.exe
PRC - [2013/05/29 15:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/03/17 19:07:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/24 14:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe
PRC - [2012/06/29 01:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012/02/27 12:02:16 | 004,243,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
PRC - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
PRC - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 03:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/11/29 01:09:32 | 000,092,848 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
PRC - [2009/09/14 10:53:32 | 000,279,912 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 14\RMTray.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/16 11:54:42 | 001,175,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._core_.pyd
MOD - [2013/06/16 11:54:42 | 001,153,024 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_ssl.pyd
MOD - [2013/06/16 11:54:42 | 001,062,400 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._controls_.pyd
MOD - [2013/06/16 11:54:42 | 001,022,416 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\windows._cacheinvalidation.pyd
MOD - [2013/06/16 11:54:42 | 000,811,008 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._windows_.pyd
MOD - [2013/06/16 11:54:42 | 000,805,888 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._gdi_.pyd
MOD - [2013/06/16 11:54:42 | 000,735,232 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._misc_.pyd
MOD - [2013/06/16 11:54:42 | 000,711,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_hashlib.pyd
MOD - [2013/06/16 11:54:42 | 000,686,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\unicodedata.pyd
MOD - [2013/06/16 11:54:42 | 000,557,056 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pysqlite2._sqlite.pyd
MOD - [2013/06/16 11:54:42 | 000,364,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pythoncom27.dll
MOD - [2013/06/16 11:54:42 | 000,320,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32com.shell.shell.pyd
MOD - [2013/06/16 11:54:42 | 000,128,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_elementtree.pyd
MOD - [2013/06/16 11:54:42 | 000,127,488 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pyexpat.pyd
MOD - [2013/06/16 11:54:42 | 000,122,368 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._wizard.pyd
MOD - [2013/06/16 11:54:42 | 000,119,808 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32file.pyd
MOD - [2013/06/16 11:54:42 | 000,110,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\PyWinTypes27.dll
MOD - [2013/06/16 11:54:42 | 000,108,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32security.pyd
MOD - [2013/06/16 11:54:42 | 000,098,816 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32api.pyd
MOD - [2013/06/16 11:54:42 | 000,087,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_ctypes.pyd
MOD - [2013/06/16 11:54:42 | 000,070,656 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._html2.pyd
MOD - [2013/06/16 11:54:42 | 000,044,032 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_socket.pyd
MOD - [2013/06/16 11:54:42 | 000,038,912 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32inet.pyd
MOD - [2013/06/16 11:54:42 | 000,035,840 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32process.pyd
MOD - [2013/06/16 11:54:42 | 000,026,624 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_multiprocessing.pyd
MOD - [2013/06/16 11:54:42 | 000,025,600 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32pdh.pyd
MOD - [2013/06/16 11:54:42 | 000,022,528 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32ts.pyd
MOD - [2013/06/16 11:54:42 | 000,018,432 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32event.pyd
MOD - [2013/06/16 11:54:42 | 000,017,408 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32profile.pyd
MOD - [2013/06/16 11:54:42 | 000,011,264 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32crypt.pyd
MOD - [2013/06/16 11:54:42 | 000,010,240 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\select.pyd
MOD - [2013/05/29 15:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 15:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 15:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 15:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 15:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/17 08:32:49 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5b0667dad44a1069048497e7f4ae6f12\System.Management.Instrumentation.ni.dll
MOD - [2013/05/17 08:31:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
MOD - [2013/05/17 08:11:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013/05/17 08:11:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/17 08:11:01 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013/05/17 08:10:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/17 08:10:53 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\23673bbebe3c0ca7c894e614bb3ffd1a\System.Security.ni.dll
MOD - [2013/05/17 08:10:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/03/17 13:12:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/03/17 13:12:39 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll
MOD - [2013/03/17 13:12:39 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013/03/17 02:05:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/03/17 02:05:32 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/03/17 02:05:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/03/17 02:05:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll
MOD - [2013/03/17 02:05:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll
MOD - [2013/03/17 02:05:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/03/17 02:05:19 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/17 02:05:17 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/17 02:05:14 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll
MOD - [2013/03/17 02:05:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/17 02:05:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/28 12:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 12:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/05/31 01:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\wincfi39.dll
MOD - [2012/02/27 12:02:14 | 000,215,264 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
MOD - [2012/02/27 12:02:10 | 000,051,424 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/25 20:06:36 | 000,010,752 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService)
SRV:64bit: - [2012/02/02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/11/09 16:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/12 11:12:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/07 08:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/17 13:29:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013/03/17 19:07:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/03/15 15:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/03/08 17:52:21 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/24 14:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe -- (NCO)
SRV - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (Intel(R)
SRV - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/01/17 00:39:12 | 000,041,392 | ---- | M] (SeriousBit) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (nbdrv)
DRV:64bit: - [2012/12/19 15:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/16 13:18:04 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/27 03:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 03:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 03:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/11 12:32:28 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 13:24:16 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 13:24:16 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 13:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 13:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/05/06 14:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/22 13:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2010/02/26 10:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2009/10/16 16:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/30 10:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/06/15 18:26:01 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130614.023\ex64.sys -- (NAVEX15)
DRV - [2013/06/15 18:26:01 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/06/15 18:26:01 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/06/15 18:26:01 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130614.023\eng64.sys -- (NAVENG)
DRV - [2013/06/14 14:20:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/05/31 17:15:28 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 23 01 3F 28 13 CE 01 [binary data]
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360}
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013/06/15 16:44:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2013/06/16 11:54:42 | 000,000,000 | ---D | M]

[2013/06/03 23:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2013/05/09 21:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com.au/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Theme Creator = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: RuneScape = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci\2.3.19.11_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: KB SSL Enforcer = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0\
CHR - Extension: AdBlock = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\
CHR - Extension: FVD Video Downloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.2.0_0\
CHR - Extension: Reload All Tabs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\
CHR - Extension: MuteTab = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\
CHR - Extension: ScriptSafe = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0\
CHR - Extension: Battlefield 3 = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni\1_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d4929f5-8b71-11e2-b178-4c72b997e360}\Shell - "" = AutoRun
O33 - MountPoints2\{0d4929f5-8b71-11e2-b178-4c72b997e360}\Shell\AutoRun\command - "" = E:\Start.exe
O33 - MountPoints2\{66d01a4c-7eca-11e2-8a23-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{66d01a4c-7eca-11e2-8a23-806e6f6e6963}\Shell\AutoRun\command - "" = D:\EIProcessCaller.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\CTRun\Start.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/16 01:43:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/16 01:43:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/15 19:27:22 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys
[2013/06/15 19:27:22 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.sys
[2013/06/15 19:27:22 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symtdiv.sys
[2013/06/15 19:27:22 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys
[2013/06/15 19:27:22 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys
[2013/06/15 19:27:22 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys
[2013/06/15 19:27:22 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys
[2013/06/15 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C
[2013/06/15 17:16:07 | 000,000,000 | ---D | C] -- f:\Users\Chris\Desktop\Logs
[2013/06/15 16:44:28 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/06/15 16:44:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013/06/15 16:44:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/06/15 16:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/06/15 16:29:57 | 000,168,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.sys
[2013/06/15 16:29:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe
[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013
[2013/06/15 16:20:06 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/06/15 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Norton Utilities 14
[2013/06/15 16:10:29 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2013/06/15 16:10:29 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2013/06/15 16:10:29 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2013/06/15 16:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer
[2013/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/06/15 16:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 14
[2013/06/15 16:08:58 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2013/06/15 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 14
[2013/06/15 13:37:52 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/06/14 22:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/06/14 22:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/14 20:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013/06/13 22:22:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/13 00:42:44 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/06/13 00:42:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/06/13 00:42:44 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/06/13 00:42:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/13 00:42:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/06/13 00:42:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/06/13 00:42:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/06/13 00:42:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/06/13 00:42:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/06/13 00:42:43 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/06/13 00:42:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/06/13 00:42:43 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/06/13 00:42:42 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/06/12 20:23:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/12 20:23:39 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/12 20:23:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/12 20:23:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 20:23:22 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/06/12 20:22:25 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/12 20:22:25 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/12 20:22:25 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/12 20:22:25 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/12 20:22:25 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/12 20:22:25 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/12 20:22:09 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/06/12 20:22:09 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/06/10 20:45:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE
[2013/06/10 20:33:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache1
[2013/06/07 20:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMe
[2013/06/07 20:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asoftech
[2013/06/07 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Bundled software uninstaller
[2013/06/07 19:59:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2013/06/07 19:46:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\KSafe
[2013/06/07 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\kingsoft
[2013/06/07 19:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft
[2013/06/07 19:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft
[2013/06/07 18:47:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2013/06/07 18:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/06/03 23:41:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\asoftech
[2013/06/03 23:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/06/03 23:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/06/02 23:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
[2013/06/02 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 2.1
[2013/05/28 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Image-Line
[2013/05/28 01:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2013/05/28 01:05:35 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FlowStone
[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics
[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\digidesign
[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves
[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
[2013/05/27 22:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio
[2013/05/27 21:51:56 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2013/05/27 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ohm Force
[2013/05/27 17:59:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents
[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\NetBeans
[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\NetBeans
[2013/05/26 22:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2013/05/26 22:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.3
[2013/05/22 22:11:15 | 000,000,000 | --SD | C] -- C:\Users\Chris\Google Drive
[2013/05/22 22:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/05/22 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache
[2013/05/18 21:24:32 | 000,000,000 | ---D | C] -- f:\Users\Chris\Documents\Reus
[2013/05/18 17:28:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FAHClient
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/16 12:00:00 | 000,792,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/16 12:00:00 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/16 12:00:00 | 000,129,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/16 11:56:44 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 11:56:44 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 11:54:47 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/16 11:54:41 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/06/16 11:54:40 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/06/16 11:54:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/16 11:54:34 | 2108,153,855 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 11:54:34 | 001,831,158 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB
[2013/06/16 01:29:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/16 01:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/15 18:13:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Unepic.url
[2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/06/15 16:44:28 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/06/15 16:44:28 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/06/15 16:21:56 | 000,003,072 | ---- | M] () -- C:\Windows\SysWow64\Cache.db
[2013/06/15 16:10:33 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities.lnk
[2013/06/15 15:53:21 | 000,000,024 | ---- | M] () -- C:\Users\Chris\random.dat
[2013/06/15 15:51:22 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat
[2013/06/15 13:37:53 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/15 13:23:07 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/06/15 13:23:07 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/15 13:22:54 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/06/14 23:22:20 | 000,002,279 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/14 23:22:20 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/14 22:58:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/13 21:58:35 | 000,002,688 | ---- | M] () -- f:\Users\Chris\Desktop\WNetWatcher.cfg
[2013/06/13 21:56:13 | 001,024,000 | ---- | M] () -- f:\Users\Chris\Desktop\PROF_SAVE_body
[2013/06/12 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/06/12 11:12:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 11:12:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/10 20:33:37 | 000,000,045 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
[2013/06/09 00:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/08 21:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/07 20:14:57 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\AutoMe.lnk
[2013/06/07 17:49:05 | 000,362,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/04 01:12:30 | 000,001,351 | ---- | M] () -- f:\Users\Chris\Documents\AutoHotkey.ahk
[2013/06/01 02:01:49 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat
[2013/05/28 21:14:41 | 000,000,202 | ---- | M] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url
[2013/05/28 01:06:01 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2013/05/26 22:33:43 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013/05/24 00:51:07 | 000,010,866 | ---- | M] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3
[2013/05/24 00:40:05 | 015,862,944 | ---- | M] () -- f:\Users\Chris\Desktop\Level 1.wav
[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk
[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- C:\Users\Chris\Google Drive - Shortcut.lnk
[2013/05/18 21:24:21 | 000,777,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/18 20:46:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Reus.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/16 11:54:27 | 001,831,158 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB
[2013/06/15 19:27:22 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.cat
[2013/06/15 19:27:22 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv64.cat
[2013/06/15 19:27:22 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.cat
[2013/06/15 19:27:22 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.cat
[2013/06/15 19:27:22 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.cat
[2013/06/15 19:27:22 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.cat
[2013/06/15 19:27:22 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet64.cat
[2013/06/15 19:27:22 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.cat
[2013/06/15 19:27:22 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa.inf
[2013/06/15 19:27:22 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds.inf
[2013/06/15 19:27:22 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.inf
[2013/06/15 19:27:22 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv.inf
[2013/06/15 19:27:22 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet.inf
[2013/06/15 19:27:22 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.inf
[2013/06/15 19:27:22 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.inf
[2013/06/15 19:27:22 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.inf
[2013/06/15 19:27:18 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\isolate.ini
[2013/06/15 18:13:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Unepic.url
[2013/06/15 16:44:28 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/06/15 16:44:28 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/06/15 16:44:28 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/06/15 16:29:54 | 000,007,611 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccsetx64.cat
[2013/06/15 16:29:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.inf
[2013/06/15 16:29:54 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\isolate.ini
[2013/06/15 16:17:45 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Cache.db
[2013/06/15 16:09:02 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities.lnk
[2013/06/15 13:37:53 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/14 22:58:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/10 20:33:37 | 000,000,045 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
[2013/06/07 20:14:57 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\AutoMe.lnk
[2013/06/04 01:12:30 | 000,001,351 | ---- | C] () -- f:\Users\Chris\Documents\AutoHotkey.ahk
[2013/05/28 21:14:41 | 000,000,202 | ---- | C] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url
[2013/05/28 01:06:01 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2013/05/28 01:05:43 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
[2013/05/26 22:33:43 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013/05/24 00:51:07 | 000,010,866 | ---- | C] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3
[2013/05/24 00:39:58 | 015,862,944 | ---- | C] () -- f:\Users\Chris\Desktop\Level 1.wav
[2013/05/22 22:11:31 | 000,000,973 | ---- | C] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk
[2013/05/22 22:11:23 | 000,000,973 | ---- | C] () -- C:\Users\Chris\Google Drive - Shortcut.lnk
[2013/05/22 01:14:29 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat
[2013/05/22 00:27:55 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat
[2013/05/22 00:27:55 | 000,000,024 | ---- | C] () -- C:\Users\Chris\random.dat
[2013/05/18 20:46:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Reus.url
[2013/05/09 21:53:13 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/04/25 14:55:30 | 000,021,764 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
[2013/04/17 13:28:35 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/04/17 13:28:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013/04/17 13:28:33 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2013/04/17 13:28:33 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2013/04/17 13:28:33 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2013/02/28 19:52:57 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat
[2013/02/28 19:51:50 | 000,777,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/27 13:37:05 | 000,000,641 | ---- | C] () -- C:\Users\Chris\Downloads - Shortcut.lnk
[2013/02/25 20:41:11 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/02/25 20:41:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/02/25 20:41:09 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/07/03 06:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012/02/03 13:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll
[2012/02/02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 15:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:D287FACF

< End of report >


OTL Extras logfile created on: 16/06/2013 11:59:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads
64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.84% Memory free
19.87 Gb Paging File | 17.28 Gb Available in Paging File | 86.96% Paging File free
Paging file location(s): g:\pagefile.sys 12211 12211 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 23.27 Gb Free Space | 19.53% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 104.95 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12C3EE2A-3728-45C5-93CA-BCD21F2ACE7D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\fez\fez.exe |
"{153A247F-F1C8-4F2D-975F-C0D2DA7EDD69}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{15FB98D6-06AD-4DFD-ADD8-22A54009424D}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{1688A857-F6F8-4CA1-B095-76AFCF400AB5}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{1C3DED2D-CAA2-4908-BD58-BB102734A536}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\tower wars\tw.exe |
"{22240288-9DE6-4310-A8FC-8A03E41EE785}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{22EEE2EF-51BA-4995-8DC5-609A054962D9}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{24D77089-89B8-4371-8CAE-0EDA19333B74}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{29039712-5C46-4E93-9849-BB26E1DCE565}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe |
"{30F23CDC-9F59-41DC-90FE-FA45A141AD3C}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"{322CE691-200A-4C83-8E19-1F1FB03A880C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\rush\rush.exe |
"{3318E0E7-5AE1-4CC1-9CCE-18A99CC2F9E5}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{335B3F61-91A0-4EDD-B27C-400734026446}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{3505E624-B2F0-4B99-A1CD-3AB1AEE5C8DE}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{3AFE22DA-26E7-4FB6-88DE-6843DF9C71D9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{3C7A1992-7657-4688-8C54-1DB229B081EC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3F3A1522-8096-4B62-9CA1-86797C0A88BE}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{3FB00AB4-BAAE-4BC5-9749-72AAC14E7D2B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{401E1DAC-97C1-4E56-A656-AFB192D196EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{41F81DD5-FBA5-46D8-A1D8-60DA83083AC3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{46F12682-9B9F-4DA4-B8FD-1E223CC7B0FF}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{49168C0D-A7E6-4D88-A9FD-56552E6FDCB0}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{4B00E989-8D9C-43BD-BB0A-87DF0D014315}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe |
"{4E89B7F3-6E36-4342-9956-294EE6FD2C9E}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{5E496E65-3451-43BE-A886-3CD9581AE265}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F76B6D0-7FDF-4E56-A876-F2A1EA4AB1A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6146AEE6-30C3-467F-B176-A74D4941FDAF}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{64D94B16-81BE-4954-9D70-6DB596B9C27D}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{6A1809B1-52DD-4C4E-9C46-67F19EF9136C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{6C0DEAFB-A1F2-4BA1-AF16-F5097C121EE3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{6D33F9F6-B234-4DFA-8128-4ACC84A339C0}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\fez\fez.exe |
"{76DEA8D5-8830-4AB6-89F9-57641040266D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{78558D45-56DB-4FE1-BE95-D031AE49A195}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\evoland\evoland.exe |
"{81D275D4-8464-467F-BCD2-C23EE2003950}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\tower wars\tw.exe |
"{86E94D2A-CC3B-4B14-A630-1EE0DDF401F8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{8D492F28-8597-46E0-BF6A-A98DECF508EC}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8E7B8BE6-0FE9-4DBA-AA06-0704963C8C38}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{9674FAF9-BAA5-42C0-94D4-2771CF1ED3A9}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{97921DDC-7802-4A76-9780-22F014D94DE8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{99A52DE8-0634-4012-A11B-C4DDDC019320}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{9A032F15-9287-4BFD-A115-9B3C2B6518BA}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{9B162E95-FA05-45F3-B37D-6CC4A33102F8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steam.exe |
"{A268B277-A705-4F9F-96BF-2988A5181447}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A2A32B72-94C6-490E-A118-652427C905B4}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\unepic\unepic.exe |
"{A9137125-0D86-4C45-9791-B3493E082BA9}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\puddle\launcher.exe |
"{B13FEBA7-069C-4469-8C92-BD59C30F34FB}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"{B4DFB13A-C0B5-4B3D-A0E3-5EAD6E07185F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B5DAC367-B552-4F88-9866-F69225727184}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{B6DA1F37-BD39-4115-BE5D-E7DDB3E0195C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{BC5A5A12-1DD6-457F-A4DF-210EB41D67ED}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\reus\reus.exe |
"{BD109427-6D8A-4E37-ADDF-7D97BAC4AB3F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BF70EEA1-F7DF-4D19-AD99-1B5747C2955D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{D040CBD7-D056-4B57-A868-34044003486C}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{D07AB8DB-80EC-4D12-8272-8221BA2C8389}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\puddle\launcher.exe |
"{D297EC63-4ABF-40C8-85AB-CC219C5DDE5D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D3198E6B-4F1F-4A63-8AD0-D37F7FA211F5}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\unepic\unepic.exe |
"{D4911397-CCF6-4845-996E-00F0B9D75C9D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{D53B1FF1-D763-4D7C-A988-DECF697645F0}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\evoland\evoland.exe |
"{D62E5690-F9E4-45BD-BCB3-FEF7823A008B}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{DD14B513-8440-4DDD-888E-A37F4093AFBB}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{DD4430F3-8F92-4574-AF0D-185D79971AEE}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\rush\rush.exe |
"{DE07C913-0020-44C4-9D6F-499E5ABE1035}" = dir=in | app=c:\program files (x86)\common files\microsoft shared\xna\xnatrans\v3.0\xnatransx.exe |
"{E04E425E-3E1F-4B0A-92FC-0D6CF5A67248}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\droid assault\droidassault.exe |
"{E57FB69F-2718-4B75-8560-6DB7771A85B6}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{E5932F65-92E1-4EAA-B1D4-F26E4B082DBD}" = protocol=17 | dir=in | app=f:\program files (x86)\utorrent.exe |
"{E6A6007B-025A-4670-B23B-0F18A0989819}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EE97921E-37EB-4777-BEAE-0D98A1736239}" = dir=in | app=c:\program files (x86)\microsoft xna\xna game studio\v4.0\bin\xnaliveproxy.exe |
"{F685DD5B-28C0-4477-8EEB-631B6C7F7D77}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{F716E5D4-6AC9-4164-87E4-C39A6AB652DB}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{F7C1B3A8-307A-4798-AD9F-5A3E3747996F}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{FB0B69BC-5A2F-460F-A964-FA25708E04F0}" = protocol=6 | dir=in | app=f:\program files (x86)\utorrent.exe |
"{FC065DD9-596B-49BB-9606-404390226077}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{FCC531BF-D2E4-4DC4-87A2-4EC507DD5CAC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FD87B617-D298-4294-A79B-2071D46935EA}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{FD8AE7B9-6E34-448B-81A5-0E33A445D787}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\reus\reus.exe |
"{FEEF1E54-2F34-4138-8C0B-F963EF52352C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{FF139F20-7F58-4C42-B095-BFF3A0288A3B}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{FFE8D7EF-6912-4B5B-8D43-8CAA1EC83FDB}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\droid assault\droidassault.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6438A99C-A37E-4758-A0AE-95F8A63AAFF5}" = Intel(R) Network Connections 16.8.46.0
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"NetBalancer_is1" = NetBalancer
"PROSetDX" = Intel(R) Network Connections 16.8.46.0
"UDK-9b3ff701-46ad-4089-983f-3ca6133e0f55" = My Game Long Name
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{32A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21
"{39FC5346-05D2-44C0-B350-CC01A00ED9B4}" = AutoMe
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}" = Intel(R) Update Manager
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Intel(R) Small Business Advantage
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{E7597FFE-2C87-4939-89E6-38EF01C247DF}" = Intel(R) Integrator Toolkit 5
"{F01CBA59-B5BD-4608-A834-1CBE8C292A71}" = Intel(R) Desktop Utilities
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0.3
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.1.6
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Fraps" = Fraps (remove only)
"G-Force" = G-Force
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"NIS" = Norton Internet Security
"Norton Utilities_is1" = Norton Utilities
"NST" = Norton Identity Safe
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Ohmicide VST" = Ohm Force - Ohmicide VST
"OpenAL" = OpenAL
"Origin" = Origin
"PoiZone" = PoiZone
"Project 64_is1" = Project 64 version 2.1.0.1
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"Simple Shutdown Timer1.1.2" = Simple Shutdown Timer
"Steam App 207750" = Symphony
"Steam App 211260" = They Bleed Pixels
"Steam App 214560" = Mark of the Ninja
"Steam App 219200" = Droid Assault
"Steam App 219890" = Antichamber
"Steam App 220240" = Far Cry® 3
"Steam App 222140" = Puddle
"Steam App 222730" = Reus
"Steam App 224760" = FEZ
"Steam App 230050" = DLC Quest
"Steam App 233270" = Far Cry® 3 Blood Dragon
"Steam App 233470" = Evoland
"Steam App 233980" = Unepic
"Steam App 236090" = Dust: An Elysian Tail
"Steam App 38700" = Toki Tori
"Steam App 38720" = RUSH
"Steam App 38740" = EDGE
"Steam App 49520" = Borderlands 2
"SynapseHydra_is1" = Hydra VSTi/DXi v1.2
"Toxic Biohazard" = Toxic Biohazard
"Uplay" = Uplay
"uTorrent" = µTorrent
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5
"Waves Diamond Bundle v5.2" = Waves Diamond Bundle v5.2
"Winamp" = Winamp
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14/06/2013 5:56:23 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/06/2013 8:00:51 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/06/2013 9:32:22 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/06/2013 10:46:47 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/06/2013 11:02:48 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/06/2013 11:28:39 PM | Computer Name = Chris-PC | Source = NetBalancer 6.5.4 | ID = 0
Description = System.UnauthorizedAccessException: Access to the registry key 'HKEY_CLASSES_ROOT\CLSID\{12275AF4-E724-470c-8B28-9121FBD34B89}\InprocServer32'
is denied. at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String
str) at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck
permissionCheck, RegistrySecurity registrySecurity) at fl.f[a](String a, a A)

Error - 14/06/2013 11:47:58 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/06/2013 2:18:22 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/06/2013 2:32:18 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/06/2013 9:55:48 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 15/06/2013 2:17:17 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The X5XSEx_Pr143 service failed to start due to the following error:
%%3

Error - 15/06/2013 2:19:19 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 15/06/2013 2:19:19 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 15/06/2013 2:23:28 AM | Computer Name = Chris-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 15/06/2013 2:31:13 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The X5XSEx_Pr143 service failed to start due to the following error:
%%3

Error - 15/06/2013 2:33:16 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 15/06/2013 2:33:16 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 15/06/2013 9:54:39 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The X5XSEx_Pr143 service failed to start due to the following error:
%%3

Error - 15/06/2013 9:56:41 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 15/06/2013 9:56:41 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069


< End of report >
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/16/2013 12:05 PM (GMT +3)
Please download AdwCleaner.
Double click on AdwCleaner.exe to run the tool. 
***Note: Windows Vista and Windows 7 users: 
Right click on AdwCleaner.exe and select – Run as admin 
Click Delete. 
Everything that was found will be deleted. 
Save any open files and approve the reboot. A text file will open after the restart. 

Next -
Junkware Removal Tool by thisisu
Download:  http://www.bleepingcomputer.com/download/junkware-removal-tool/
Disable your Antivirus program if required
For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan is completed, post the generated log here, along with adwcleaner log.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

 

Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
   Posted 6/16/2013 12:18 PM (GMT +3)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate N x64
Ran by Chris on Sun 16/06/2013 at 19:15:36.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\splashtop"



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 16/06/2013 at 19:18:03.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v2.303 - Logfile created 06/16/2013 at 19:13:01
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Ultimate N Service Pack 1 (64 bits)
# User : Chris - CHRIS-PC
# Boot Mode : Normal
# Running from : F:\Users\Chris\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Chris\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci
Folder Deleted : C:\Users\Chris\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Deleted : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44d07caa-4fc4-5a84-9951-a485ad808d0e}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3137 octets] - [16/06/2013 19:13:01]

########## EOF - C:\AdwCleaner[S1].txt - [3197 octets] ##########

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/16/2013 12:53 PM (GMT +3)
Next step..........
 
 
 
 
Please download ComboFix from:
 
And save to the desktop.
 
After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:
Exit all windows that are currently open on your computer.
To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.
 
Double-click on the ComboFix icon found on your desktop.
 
Please note that once you start ComboFix, you should not click anywhere on the ComboFix window, as it can cause the program to stall.
In fact, when ComboFix is running, do not touch your computer at all and just take a break, as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.
 

Post the contents of that log in your next reply.
The logs will be reasonably large, so you may have to divide them into sections and make several posts to post them.



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
   Posted 6/16/2013 1:17 PM (GMT +3)
Thank you so much for all you have done so far.

Here is the Combofix log:







ComboFix 13-06-15.01 - Chris 16/06/2013 20:06:46.1.4 - x64
Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.61.1033.18.8142.5868 [GMT 10:00]
Running from: f:\users\Chris\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Chris\AppData\Local\Temp\_MEI30202\_ctypes.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\_elementtree.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\_hashlib.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\_multiprocessing.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\_socket.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\_ssl.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\pyexpat.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\pysqlite2._sqlite.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\python27.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\pythoncom27.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\PyWinTypes27.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\select.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\unicodedata.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32api.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32com.shell.shell.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32crypt.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32event.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32file.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32inet.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32pdh.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32process.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32profile.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32security.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\win32ts.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\windows._cacheinvalidation.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._controls_.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._core_.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._gdi_.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._html2.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._misc_.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._windows_.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._wizard.pyd
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxbase294u_net_vc90.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxbase294u_vc90.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_adv_vc90.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_core_vc90.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_html_vc90.dll
c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_webview_vc90.dll
c:\windows\SysWow64\frapsvid.dll
G:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-16 to 2013-06-16 )))))))))))))))))))))))))))))))
.
.
2013-06-16 10:10 . 2013-06-16 10:10 -------- d-----w- c:\users\matt\AppData\Local\temp
2013-06-16 10:10 . 2013-06-16 10:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-16 09:15 . 2013-06-16 09:15 -------- d-----w- c:\windows\ERUNT
2013-06-16 09:15 . 2013-06-16 09:15 -------- d-----w- C:\JRT
2013-06-15 06:44 . 2013-06-15 06:44 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files\Symantec
2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-06-15 06:44 . 2013-06-16 09:14 -------- d-----w- c:\windows\system32\drivers\NISx64
2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files (x86)\Norton Internet Security
2013-06-15 06:29 . 2013-06-15 06:29 -------- d-----w- c:\program files (x86)\Norton Identity Safe
2013-06-15 06:29 . 2013-06-15 06:29 -------- d-----w- c:\windows\system32\drivers\NSTx64
2013-06-15 06:15 . 2013-06-15 06:17 -------- d-----w- c:\users\Chris\AppData\Roaming\Norton Utilities 14
2013-06-15 06:10 . 2008-04-02 05:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2013-06-15 06:10 . 2008-04-02 05:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2013-06-15 06:10 . 2008-04-02 05:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2013-06-15 06:09 . 2013-06-15 06:09 -------- d-----w- c:\programdata\Norton Installer
2013-06-15 06:08 . 2004-08-03 22:00 506368 ----a-w- c:\windows\SysWow64\msxml.dll
2013-06-15 06:08 . 2013-06-15 06:31 -------- d-----w- c:\program files (x86)\Norton Utilities 14
2013-06-15 03:37 . 2013-06-15 03:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-15 03:37 . 2013-04-04 04:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-14 12:58 . 2013-06-14 12:58 -------- d-----w- c:\program files\CCleaner
2013-06-14 10:12 . 2013-06-16 09:14 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-06-12 10:28 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 10:23 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 10:23 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-12 10:23 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 10:23 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-12 10:23 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-12 10:23 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-12 10:22 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 10:22 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 10:22 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 10:22 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 10:22 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-12 10:22 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-12 10:22 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-12 10:22 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 10:22 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-12 10:22 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-12 10:22 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-12 10:22 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-10 10:45 . 2013-06-10 10:45 -------- d-----w- c:\users\Chris\AppData\Local\CRE
2013-06-07 10:14 . 2013-06-07 10:14 -------- d-----w- c:\program files (x86)\Asoftech
2013-06-07 10:08 . 2013-06-07 10:08 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2013-06-07 10:08 . 2013-06-07 10:08 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2013-06-07 10:08 . 2002-08-05 00:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2013-06-07 10:08 . 2002-08-01 17:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2013-06-07 10:08 . 2002-08-01 16:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2013-06-07 10:08 . 2002-08-01 16:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2013-06-07 10:08 . 2002-08-01 16:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2013-06-07 09:46 . 2013-06-07 09:46 -------- d-----w- c:\users\Chris\AppData\Local\KSafe
2013-06-07 09:45 . 2013-06-07 09:45 -------- d-----w- c:\users\Chris\AppData\Roaming\kingsoft
2013-06-07 09:45 . 2013-06-07 09:47 -------- d-----w- c:\programdata\Kingsoft
2013-06-07 09:45 . 2013-06-14 12:35 -------- d-----w- c:\program files (x86)\Kingsoft
2013-06-07 08:47 . 2013-06-07 08:47 -------- d-----w- c:\users\Chris\AppData\Roaming\Malwarebytes
2013-06-07 08:47 . 2013-06-07 08:47 -------- d-----w- c:\programdata\Malwarebytes
2013-06-03 13:41 . 2013-06-03 13:41 -------- d-----w- c:\users\Chris\AppData\Roaming\asoftech
2013-06-03 13:40 . 2013-06-07 09:43 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-06-03 13:39 . 2013-06-03 13:39 -------- d-----w- c:\windows\Sun
2013-06-02 13:48 . 2013-06-02 14:02 -------- d-----w- c:\program files (x86)\Project64 2.1
2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\users\Chris\AppData\Roaming\Image-Line
2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\program files\Image-Line
2013-05-27 15:05 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2013-05-27 15:05 . 2013-06-12 13:16 -------- d-----w- c:\users\Chris\AppData\Roaming\FlowStone
2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\program files (x86)\DSPRobotics
2013-05-27 12:46 . 2013-05-27 12:46 -------- d-----w- c:\program files (x86)\Common Files\digidesign
2013-05-27 11:51 . 1999-12-17 00:13 86016 ----a-w- c:\windows\unvise32.exe
2013-05-26 12:39 . 2013-05-26 12:39 -------- d-----w- c:\users\Chris\AppData\Roaming\NetBeans
2013-05-26 12:39 . 2013-05-26 12:39 -------- d-----w- c:\users\Chris\AppData\Local\NetBeans
2013-05-26 12:32 . 2013-05-26 12:35 -------- d-----w- c:\program files (x86)\NetBeans 7.3
2013-05-22 12:11 . 2013-06-16 09:14 -------- d-s---w- c:\users\Chris\Google Drive
2013-05-21 14:27 . 2013-06-10 02:41 -------- d-----w- c:\users\Chris\jagexcache
2013-05-18 07:28 . 2013-06-06 09:25 -------- d-----w- c:\users\Chris\AppData\Roaming\FAHClient
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-16 09:27 . 2013-02-25 10:43 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-06-16 09:27 . 2013-02-25 10:41 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-06-16 08:25 . 2013-02-25 10:41 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-06-13 11:02 . 2013-02-25 01:33 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 01:12 . 2013-03-01 02:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 01:12 . 2013-03-01 02:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-08 06:32 . 2013-05-08 06:32 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-08 06:32 . 2013-05-08 06:32 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-08 06:32 . 2013-05-08 06:32 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-08 06:32 . 2013-05-08 06:32 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-08 06:32 . 2013-05-08 06:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-08 06:32 . 2013-05-08 06:32 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-08 06:32 . 2013-05-08 06:32 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-08 06:32 . 2013-05-08 06:32 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-08 06:32 . 2013-05-08 06:32 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-08 06:32 . 2013-05-08 06:32 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-08 06:32 . 2013-05-08 06:32 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-08 06:32 . 2013-05-08 06:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-08 06:32 . 2013-05-08 06:32 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-08 06:32 . 2013-05-08 06:32 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-08 06:32 . 2013-05-08 06:32 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-08 06:32 . 2013-05-08 06:32 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-08 06:32 . 2013-05-08 06:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-08 06:32 . 2013-05-08 06:32 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-08 06:32 . 2013-05-08 06:32 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-08 06:32 . 2013-05-08 06:32 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-08 06:32 . 2013-05-08 06:32 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-08 06:32 . 2013-05-08 06:32 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-08 06:32 . 2013-05-08 06:32 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-08 06:32 . 2013-05-08 06:32 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-08 06:32 . 2013-05-08 06:32 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-08 06:32 . 2013-05-08 06:32 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-08 06:32 . 2013-05-08 06:32 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-08 06:32 . 2013-05-08 06:32 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-08 06:32 . 2013-05-08 06:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-08 06:32 . 2013-05-08 06:32 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-08 06:32 . 2013-05-08 06:32 441856 ----a-w- c:\windows\system32\html.iec
2013-05-08 06:32 . 2013-05-08 06:32 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-08 06:32 . 2013-05-08 06:32 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-08 06:32 . 2013-05-08 06:32 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-08 06:32 . 2013-05-08 06:32 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-08 06:32 . 2013-05-08 06:32 235008 ----a-w- c:\windows\system32\url.dll
2013-05-08 06:32 . 2013-05-08 06:32 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-08 06:32 . 2013-05-08 06:32 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-08 06:32 . 2013-05-08 06:32 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-08 06:32 . 2013-05-08 06:32 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-08 06:32 . 2013-05-08 06:32 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-08 06:32 . 2013-05-08 06:32 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-08 06:32 . 2013-05-08 06:32 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-08 06:32 . 2013-05-08 06:32 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-08 06:32 . 2013-05-08 06:32 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-08 06:32 . 2013-05-08 06:32 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-08 06:32 . 2013-05-08 06:32 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-08 06:32 . 2013-05-08 06:32 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-08 06:32 . 2013-05-08 06:32 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-04 11:53 . 2013-04-17 03:29 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-05-04 11:53 . 2013-04-17 03:29 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-05-04 11:53 . 2013-04-17 03:29 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-05-04 11:53 . 2013-04-17 03:29 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-04-28 02:33 . 2013-04-28 02:33 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-04-13 05:49 . 2013-05-16 10:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 10:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 10:27 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 10:27 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 10:27 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 10:27 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 03:11 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 10:27 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 10:27 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 10:26 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-03 19:35 . 2013-03-19 08:29 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-22 16:00 . 2013-03-21 11:00 190656 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2013-03-19 08:29 . 2013-02-25 07:48 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-19 08:29 . 2013-02-25 07:48 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-19 06:04 . 2013-04-11 08:01 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-16 10:26 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-16 10:26 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-11 08:01 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-11 08:01 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-11 08:01 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-11 08:01 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-11 08:01 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-04-16 19662744]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2009-12-09 645296]
"NortonUtilities"="c:\program files (x86)\Norton Utilities 14\RMTray.exe" [2009-09-14 279912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-07 133400]
"P17RunE"="P17RunE.dll" [2008-03-28 14848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-02-27 55520]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 X5XSEx_Pr143;X5XSEx_Pr143;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [x]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\ccHPx64.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DD03030.013\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DD03030.013\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSvia64.sys [x]
S1 nbdrv;NetBalancer LightWeight Filter;c:\windows\system32\DRIVERS\nbdrv.sys;c:\windows\SYSNATIVE\DRIVERS\nbdrv.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\Ironx64.SYS [x]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1108000.005\SYMTDIV.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1108000.005\SYMTDIV.SYS [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe;c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe [x]
S2 NetBalancerService;NetBalancerService;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-14 13:22 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-01 01:12]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-25 07:18]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-25 07:18]
.
2013-06-16 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 02:41]
.
2013-06-12 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 02:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-13 13263072]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-Run-Exetender - c:\program files (x86)\Free Ride Games\GPlayer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\Software\SecuROM\License information*]
"datasecu"=hex:9b,b1,49,0a,6f,9d,2f,a3,79,fd,90,91,31,e1,72,43,ae,31,c0,d0,19,
fd,52,c8,80,64,ad,64,60,04,cf,b4,ec,17,7e,0f,dc,36,89,a4,d1,e4,c1,d5,15,56,\
"rkeysecu"=hex:1e,10,e8,4a,95,d3,6c,96,66,7e,4d,8e,f0,ca,f0,4e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2013-06-16 20:12:26 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-16 10:12
.
Pre-Run: 24,633,856,000 bytes free
Post-Run: 24,357,122,048 bytes free
.
- - End Of File - - 0135E00C35A3DEF5DA7D7969E8CAE478
D41D8CD98F00B204E9800998ECF8427E

adalee
New Member


Date Joined Jun 2013
Total Posts : 1
 
Posted 6/17/2013 6:34 AM (GMT +3)
That looks so complex.

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/17/2013 10:34 AM (GMT +3)
Looks clean to me, so please tell me how things are running?


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 


Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/17/2013 4:42 PM (GMT +3)
Yes, I can play online games again! YAY!

What do you think it was? Is there something you would recommend I do to prevent this from happening again?
Thank you so much again Touch. You have helped me twice now.

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/18/2013 10:41 AM (GMT +3)
It seems to me it was a mix of various infections and some potentially unwanted programs.

Potentially Unwanted Programs are not malware related; most antivirus or anti-malware programs cannot block them successfully, but PUPs can also be prevented if you are careful enough when you surf online.
Please pay special attention when you install programs released by unknown authors;
Choose custom installation or advanced installation instead of quick or recommended installation;
Read carefully the terms and conditions before you agree to install.

Good luck and be secure online :)



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/19/2013 5:11 PM (GMT +3)
Even though at the time of my reply things were up to regular speed, they have since declined back to the slow state at the start of this whole thing. Is there anything else I may need to do to check to see if there are any Potentially Unwanted Programs?

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/20/2013 3:12 AM (GMT +3)
We need to get a comprehensive report of what is present in your system.

Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe
Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
Select All Users
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Post both logs



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/21/2013 10:50 AM (GMT +3)
Hey Touch,

The OTL by Oldtimer would only provide an OTL.Txt file when finished. No Extras.Txt was given.




OTL logfile created on: 21/06/2013 5:46:01 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads
64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.95 Gb Total Physical Memory | 5.44 Gb Available Physical Memory | 68.46% Memory free
19.87 Gb Paging File | 17.06 Gb Available in Paging File | 85.86% Paging File free
Paging file location(s): g:\pagefile.sys 12211 12211 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 24.95 Gb Free Space | 20.94% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 100.55 Gb Free Space | 43.18% Space Free | Partition Type: NTFS
Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/21 17:45:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Chris\Downloads\OTL (1).exe
PRC - [2013/06/18 22:09:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/15 11:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/06/29 01:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012/02/27 12:02:16 | 004,243,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
PRC - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
PRC - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 03:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/08/04 14:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe
PRC - [2009/11/29 01:09:32 | 000,092,848 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
PRC - [2009/09/14 10:53:32 | 000,279,912 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 14\RMTray.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/21 17:19:57 | 001,175,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._core_.pyd
MOD - [2013/06/21 17:19:57 | 001,153,024 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_ssl.pyd
MOD - [2013/06/21 17:19:57 | 001,062,400 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._controls_.pyd
MOD - [2013/06/21 17:19:57 | 001,022,416 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\windows._cacheinvalidation.pyd
MOD - [2013/06/21 17:19:57 | 000,811,008 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._windows_.pyd
MOD - [2013/06/21 17:19:57 | 000,805,888 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._gdi_.pyd
MOD - [2013/06/21 17:19:57 | 000,735,232 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._misc_.pyd
MOD - [2013/06/21 17:19:57 | 000,711,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_hashlib.pyd
MOD - [2013/06/21 17:19:57 | 000,686,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\unicodedata.pyd
MOD - [2013/06/21 17:19:57 | 000,557,056 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pysqlite2._sqlite.pyd
MOD - [2013/06/21 17:19:57 | 000,364,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pythoncom27.dll
MOD - [2013/06/21 17:19:57 | 000,320,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32com.shell.shell.pyd
MOD - [2013/06/21 17:19:57 | 000,128,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_elementtree.pyd
MOD - [2013/06/21 17:19:57 | 000,127,488 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pyexpat.pyd
MOD - [2013/06/21 17:19:57 | 000,122,368 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._wizard.pyd
MOD - [2013/06/21 17:19:57 | 000,119,808 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32file.pyd
MOD - [2013/06/21 17:19:57 | 000,110,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\PyWinTypes27.dll
MOD - [2013/06/21 17:19:57 | 000,108,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32security.pyd
MOD - [2013/06/21 17:19:57 | 000,098,816 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32api.pyd
MOD - [2013/06/21 17:19:57 | 000,087,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_ctypes.pyd
MOD - [2013/06/21 17:19:57 | 000,070,656 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._html2.pyd
MOD - [2013/06/21 17:19:57 | 000,044,032 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_socket.pyd
MOD - [2013/06/21 17:19:57 | 000,038,912 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32inet.pyd
MOD - [2013/06/21 17:19:57 | 000,035,840 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32process.pyd
MOD - [2013/06/21 17:19:57 | 000,026,624 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_multiprocessing.pyd
MOD - [2013/06/21 17:19:57 | 000,025,600 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32pdh.pyd
MOD - [2013/06/21 17:19:57 | 000,022,528 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32ts.pyd
MOD - [2013/06/21 17:19:57 | 000,018,432 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32event.pyd
MOD - [2013/06/21 17:19:57 | 000,017,408 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32profile.pyd
MOD - [2013/06/21 17:19:57 | 000,011,264 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32crypt.pyd
MOD - [2013/06/21 17:19:57 | 000,010,240 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\select.pyd
MOD - [2013/06/18 16:17:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b6eb138c3c9be780acb767c1bef572c1\System.Runtime.Remoting.ni.dll
MOD - [2013/06/15 11:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/15 11:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/15 11:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013/06/15 11:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013/06/15 11:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013/05/17 08:32:49 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5b0667dad44a1069048497e7f4ae6f12\System.Management.Instrumentation.ni.dll
MOD - [2013/05/17 08:31:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
MOD - [2013/05/17 08:11:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013/05/17 08:11:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/17 08:11:01 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013/05/17 08:10:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/17 08:10:53 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\23673bbebe3c0ca7c894e614bb3ffd1a\System.Security.ni.dll
MOD - [2013/05/17 08:10:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/03/17 13:12:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/03/17 13:12:39 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll
MOD - [2013/03/17 13:12:39 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013/03/17 02:05:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/03/17 02:05:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll
MOD - [2013/03/17 02:05:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll
MOD - [2013/03/17 02:05:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/03/17 02:05:19 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/17 02:05:17 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/17 02:05:14 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll
MOD - [2013/03/17 02:05:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/17 02:05:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/28 12:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 12:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2012/02/27 12:02:14 | 000,215,264 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
MOD - [2012/02/27 12:02:10 | 000,051,424 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/25 20:06:36 | 000,010,752 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService)
SRV:64bit: - [2012/02/02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/11/09 16:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/18 22:09:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/12 11:12:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/07 08:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2013/05/12 08:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/17 13:29:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013/03/15 15:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (Intel(R)
SRV - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/08/04 14:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/04/16 12:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2013/01/17 00:39:12 | 000,041,392 | ---- | M] (SeriousBit) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (nbdrv)
DRV:64bit: - [2012/12/19 15:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/27 03:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 03:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 03:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/11 12:32:28 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/08/22 12:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2011/08/22 12:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/08/04 14:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 13:24:16 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 13:24:16 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 13:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 13:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/10/16 16:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/30 10:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/06/15 18:26:01 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130620.023\ex64.sys -- (NAVEX15)
DRV - [2013/06/15 18:26:01 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/06/15 18:26:01 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/06/15 18:26:01 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130620.023\eng64.sys -- (NAVENG)
DRV - [2013/06/14 14:20:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130620.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/05/31 17:15:28 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 23 01 3F 28 13 CE 01 [binary data]
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013/06/17 17:21:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2013/06/21 17:19:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/06/03 23:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2013/05/09 21:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/16 21:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/06/16 21:55:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: VLC Web Plugin (Enabled) = F:\Program Files (x86)\VLC\npvlc.dll
CHR - Extension: Theme Creator = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Slinky Elegant = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: KB SSL Enforcer = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0\
CHR - Extension: AdBlock = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\
CHR - Extension: FVD Video Downloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.2.1_0\
CHR - Extension: Reload All Tabs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\
CHR - Extension: MuteTab = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\
CHR - Extension: ScriptSafe = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/06/16 20:11:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe (Symantec Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/19 22:34:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Temporary Projects
[2013/06/18 22:31:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ESN Sonar
[2013/06/18 20:44:46 | 000,169,048 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys
[2013/06/18 20:44:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A
[2013/06/17 17:30:52 | 000,000,000 | ---D | C] -- f:\Users\Chris\Documents\BFBC2
[2013/06/17 02:12:45 | 000,593,544 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys
[2013/06/17 02:12:45 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys
[2013/06/17 02:12:45 | 000,451,704 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys
[2013/06/17 02:12:45 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys
[2013/06/17 02:12:45 | 000,221,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys
[2013/06/17 02:12:45 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys
[2013/06/17 02:12:45 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys
[2013/06/17 02:12:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C
[2013/06/16 23:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/06/16 21:56:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Macromedia
[2013/06/16 21:55:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Mozilla
[2013/06/16 20:12:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/06/16 20:11:10 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/06/16 20:05:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/06/16 20:05:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/06/16 20:05:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/06/16 20:05:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/16 20:05:42 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/06/16 19:15:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/06/16 19:15:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/15 17:16:07 | 000,000,000 | ---D | C] -- f:\Users\Chris\Desktop\Logs
[2013/06/15 16:44:28 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/06/15 16:44:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013/06/15 16:44:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/06/15 16:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/06/15 16:29:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe
[2013/06/15 16:20:06 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/06/15 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Norton Utilities 14
[2013/06/15 16:10:29 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2013/06/15 16:10:29 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2013/06/15 16:10:29 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2013/06/15 16:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer
[2013/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/06/15 16:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 14
[2013/06/15 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 14
[2013/06/15 13:37:52 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/06/14 22:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/06/14 22:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/14 20:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013/06/10 20:45:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE
[2013/06/10 20:33:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache1
[2013/06/07 20:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMe
[2013/06/07 20:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asoftech
[2013/06/07 19:46:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\KSafe
[2013/06/07 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\kingsoft
[2013/06/07 19:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft
[2013/06/07 19:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft
[2013/06/07 18:47:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2013/06/07 18:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/06/03 23:41:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\asoftech
[2013/06/03 23:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/06/03 23:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/06/02 23:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
[2013/06/02 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 2.1
[2013/05/28 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Image-Line
[2013/05/28 01:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FlowStone
[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics
[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\digidesign
[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves
[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
[2013/05/27 22:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio
[2013/05/27 21:51:56 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2013/05/27 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ohm Force
[2013/05/27 17:59:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents
[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\NetBeans
[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\NetBeans
[2013/05/26 22:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2013/05/26 22:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.3
[2013/05/22 22:11:15 | 000,000,000 | --SD | C] -- C:\Users\Chris\Google Drive
[2013/05/22 22:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/21 17:33:06 | 000,000,024 | ---- | M] () -- C:\Users\Chris\random.dat
[2013/06/21 17:32:53 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/21 17:32:53 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/21 17:30:04 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat
[2013/06/21 17:27:01 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/21 17:27:01 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/21 17:24:06 | 000,792,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/21 17:24:06 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/21 17:24:06 | 000,129,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/21 17:19:57 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/21 17:19:57 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/06/21 17:19:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/21 17:19:51 | 2108,153,855 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/20 23:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/20 19:57:27 | 001,836,222 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB
[2013/06/19 22:53:44 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/06/19 22:53:44 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/19 22:53:20 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/06/19 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/06/18 22:09:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/06/18 00:53:50 | 000,777,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/17 17:21:47 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/06/17 17:21:47 | 000,002,279 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/16 21:55:16 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/06/16 20:11:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/06/15 18:13:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Unepic.url
[2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/06/15 16:44:28 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/06/15 16:44:28 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/06/15 16:21:56 | 000,003,072 | ---- | M] () -- C:\Windows\SysWow64\Cache.db
[2013/06/15 16:10:33 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities.lnk
[2013/06/15 13:37:53 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/14 22:58:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/13 21:56:13 | 001,024,000 | ---- | M] () -- f:\Users\Chris\Desktop\PROF_SAVE_body
[2013/06/10 20:33:37 | 000,000,045 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
[2013/06/07 20:14:57 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\AutoMe.lnk
[2013/06/07 17:49:05 | 000,362,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/04 01:12:30 | 000,001,351 | ---- | M] () -- f:\Users\Chris\Documents\AutoHotkey.ahk
[2013/06/01 02:01:49 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat
[2013/05/31 11:50:15 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\isolate.ini
[2013/05/28 21:14:41 | 000,000,202 | ---- | M] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url
[2013/05/28 01:06:01 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2013/05/26 22:33:43 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013/05/24 00:51:07 | 000,010,866 | ---- | M] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3
[2013/05/24 00:40:05 | 015,862,944 | ---- | M] () -- f:\Users\Chris\Desktop\Level 1.wav
[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk
[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- C:\Users\Chris\Google Drive - Shortcut.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/18 22:07:55 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/18 22:07:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/06/18 20:44:44 | 000,007,667 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.cat
[2013/06/18 20:44:44 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.inf
[2013/06/18 20:44:44 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\isolate.ini
[2013/06/17 17:21:40 | 001,836,222 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB
[2013/06/17 02:12:45 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnetv64.cat
[2013/06/17 02:12:45 | 000,007,448 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.cat
[2013/06/17 02:12:45 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.cat
[2013/06/17 02:12:45 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.cat
[2013/06/17 02:12:45 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.cat
[2013/06/17 02:12:45 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\iron.cat
[2013/06/17 02:12:45 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnet64.cat
[2013/06/17 02:12:45 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa.inf
[2013/06/17 02:12:45 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds.inf
[2013/06/17 02:12:45 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.inf
[2013/06/17 02:12:45 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnetv.inf
[2013/06/17 02:12:45 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnet.inf
[2013/06/17 02:12:45 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.inf
[2013/06/17 02:12:45 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.inf
[2013/06/17 02:12:45 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\iron.inf
[2013/06/17 02:12:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.cat
[2013/06/17 02:12:41 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\isolate.ini
[2013/06/16 23:57:18 | 000,002,279 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/16 23:57:18 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/16 21:55:16 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/06/16 21:55:16 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/06/16 20:05:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/16 20:05:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/16 20:05:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/16 20:05:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/16 20:05:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/06/15 18:13:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Unepic.url
[2013/06/15 16:44:28 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/06/15 16:44:28 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/06/15 16:44:28 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/06/15 16:17:45 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Cache.db
[2013/06/15 16:09:02 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities.lnk
[2013/06/15 13:37:53 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/14 22:58:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/06/10 20:33:37 | 000,000,045 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
[2013/06/07 20:14:57 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\AutoMe.lnk
[2013/06/04 01:12:30 | 000,001,351 | ---- | C] () -- f:\Users\Chris\Documents\AutoHotkey.ahk
[2013/05/28 21:14:41 | 000,000,202 | ---- | C] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url
[2013/05/28 01:06:01 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2013/05/28 01:05:43 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
[2013/05/26 22:33:43 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013/05/24 00:51:07 | 000,010,866 | ---- | C] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3
[2013/05/24 00:39:58 | 015,862,944 | ---- | C] () -- f:\Users\Chris\Desktop\Level 1.wav
[2013/05/22 22:11:31 | 000,000,973 | ---- | C] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk
[2013/05/22 22:11:23 | 000,000,973 | ---- | C] () -- C:\Users\Chris\Google Drive - Shortcut.lnk
[2013/05/22 01:14:29 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat
[2013/05/22 00:27:55 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat
[2013/05/22 00:27:55 | 000,000,024 | ---- | C] () -- C:\Users\Chris\random.dat
[2013/05/09 21:53:13 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/04/25 14:55:30 | 000,021,764 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
[2013/04/17 13:28:35 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/04/17 13:28:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013/04/17 13:28:33 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2013/04/17 13:28:33 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2013/04/17 13:28:33 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2013/02/28 19:52:57 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat
[2013/02/28 19:51:50 | 000,777,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/27 13:37:05 | 000,000,641 | ---- | C] () -- C:\Users\Chris\Downloads - Shortcut.lnk
[2013/02/25 20:41:09 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/07/03 06:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012/02/03 13:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll
[2012/02/02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 15:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/19 18:11:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft
[2013/06/03 23:41:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\asoftech
[2013/05/24 00:51:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Audacity
[2013/03/12 23:10:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Beat Hazard
[2013/05/09 22:00:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Best Video Converter
[2013/04/07 16:01:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.shirogames.evoland
[2013/04/26 02:16:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.ynab.YNAB4.LiveCaptive
[2013/03/17 22:24:49 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\Common
[2013/04/05 08:56:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Curse Advertising
[2013/04/06 23:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DisplayFusion
[2013/06/13 22:15:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dropbox
[2013/04/18 22:46:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Empty Clip Studios
[2013/03/13 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\EuroTalk
[2013/06/06 19:25:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FAHClient
[2013/05/04 21:54:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FEZ
[2013/06/20 21:07:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FlowStone
[2013/03/29 17:17:53 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hardcore
[2013/05/28 01:05:45 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Image-Line
[2013/06/07 19:45:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\kingsoft
[2013/06/18 23:17:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mumble
[2013/05/26 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\NetBeans
[2013/06/07 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin
[2013/04/13 12:40:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Publish Providers
[2013/04/16 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\raidcall
[2013/05/09 20:53:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony
[2013/04/17 02:56:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony Creative Software Inc
[2013/05/06 00:28:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SoundSpectrum
[2013/02/26 19:29:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Spearit
[2013/03/31 18:26:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Thunderbird
[2013/02/25 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software
[2013/06/14 22:59:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:D287FACF

< End of report >

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/22/2013 4:07 PM (GMT +3)
I can't see any infections, I'll therefore suggest you run the following script, written by:
Arun Kumar
Microsoft MVP

1. It cleans up all temp files from C drive
2. Removes all log files from C drive
3. Runs Defrag on C drive - first consolidates the free space and then defrags and then again consolidates free space.
4. Checking System File Integrity
 
 
 
Pasting the below in bold for your reference. You can copy it into Notepad and press CTRL+S. In the filetype, select "all filetypes *.*" and give it a name with .bat extension.
Such as clean.bat
 
 
@ECHO OFF
CLS
C:
CD \

ECHO WARNING: Do not use the X button to close. Press CTRL+C To Abort and press Y to close...

ECHO Removing all temp files from C: drive
Del *.tmp /s /Q
Del *.temp /s /Q

ECHO Removing all log Files from C: drive
Del *.log /s /Q

CLS

REM Defragmenting C: drive
ECHO Defragmenting C drive... Press CTRL+C To Abort and press Y to close...
defrag c: /h /x

REM Checking System File Integrity
ECHO Checking System File Integrity... Press CTRL+C To Abort and press Y to close...
SFC /SCANNOW
Pause
CLS

exit
 
 


 
Reboot when done, and tell if there are any improvements?






Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 


Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/23/2013 4:03 AM (GMT +3)
I followed your instructions above. Any time I use a google search it still takes a very prolonged amount of time to complete a search.

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/24/2013 10:03 AM (GMT +3)
Try to reset IE settings, as described here:
http://support.microsoft.com/kb/923737/en-us



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/24/2013 1:10 PM (GMT +3)
I have reset the IE settings and it is still occurring. I use Chrome primarily and whenever I use Google search it slows down. Whenever I play on-line games it oscillates heavily as well.

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/25/2013 2:16 AM (GMT +3)
That's odd. Try deactivating Norton from msconfig, as described here:
http://www.netsquirrel.com/msconfig/



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/25/2013 2:04 PM (GMT +3)
I have deactivated Norton entirely before and there has not been a change. It doesn't seem to be my internet provider, as my mobile phone connects to my wireless and it works fine.
I'm starting to think the only thing I can do is a refresh install of OS?

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/25/2013 3:16 PM (GMT +3)
Yes, it could end with a reinstall of Windows. Before you do, I'll suggest you download and run Farbar Service Scanner:

Put a checkmark next to:

Internet Services
Windows Firewall
Other services

Click Scan.
It will produce a log (FSS.txt). Please post it in your next reply.



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/25/2013 3:45 PM (GMT +3)
I hope I don't have to :)

Farbar Service Scanner Version: 16-06-2013
Ran by Chris (administrator) on 25-06-2013 at 22:45:12
Running from "F:\Users\Chris\Downloads"
Windows 7 Ultimate N Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-06-12 20:28] - [2013-05-08 16:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
Posted 6/26/2013 11:14 AM (GMT +3)
It looks fine to me, but run the following scanner that is good at finding hidden infections.
 
 
 
For 32 bit Windows:
 
Save it to Desktop

For 64 bit Windows:
 
Save it to Desktop
 
When Farbar Recovery Scan Tool is started, click Scan.
FRST will let you know when the scan is finished and has written FRST.txt to file. Close this message, then type the following in the search box:
services.exe
Press the search button
When the search is complete, search.txt is also written to your USB
Type exit and restart the computer normally

Copy and paste both logs in your reply. (FRST.txt and Search.txt)



Steelstring13
New Member


Date Joined Jun 2013
Total Posts : 14
 
Posted 6/26/2013 3:57 PM (GMT +3)
Alright cool, here they are:



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 02
Ran by Chris (administrator) on 26-06-2013 22:54:44
Running from F:\Users\Chris\Downloads
Windows 7 Ultimate N Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13263072 2012-12-13] (Realtek Semiconductor)
HKCU\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" [645296 2009-12-09] (Binary Fortress Software)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [133400 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry [x]
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60 [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\UpdatusUser\...\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" [645296 2009-12-09] (Binary Fortress Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\2z1f4210.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/", "https://www.google.com.au/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (VLC Web Plugin) - F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
CHR Extension: (Theme Creator) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Slinky Elegant) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_0
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (KB SSL Enforcer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Reload All Tabs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0
CHR Extension: (ScriptSafe) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-25] ()
S2 Intel(R) Capability Licensing Service Interface; "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-26 22:54 - 2013-06-26 22:54 - 00000000 ____D C:\FRST
2013-06-25 20:58 - 2013-06-25 21:03 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-06-25 20:58 - 2013-06-25 20:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-06-25 00:04 - 2013-06-25 21:05 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-25 00:04 - 2013-06-25 00:18 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-24 23:54 - 2013-06-24 23:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Origin
2013-06-24 23:46 - 2013-06-25 22:57 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-24 23:46 - 2013-06-24 23:46 - 00000979 ____A C:\Users\Public\Desktop\Origin.lnk
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-06-24 19:07 - 2013-06-24 19:07 - 00001407 ____A C:\Users\Chris\AppData\Local\recently-used.xbel
2013-06-24 19:03 - 2013-06-24 19:03 - 00000000 ____D C:\Users\Chris\AppData\Local\gtk-2.0
2013-06-24 18:58 - 2013-06-24 19:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\XamarinStudio-4.0
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\stetic
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Local\XamarinStudio-4.0
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Mono for Android
2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\ProgramData\Monodoc
2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\Xamarin Studio
2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\MonoDevelop
2013-06-24 18:46 - 2013-06-24 19:00 - 00000000 ____D C:\Users\Chris\.android
2013-06-24 18:46 - 2013-06-24 18:46 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2013-06-24 18:44 - 2013-06-24 18:44 - 00000000 ____D C:\Program Files\Android
2013-06-24 18:42 - 2013-06-24 18:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Android
2013-06-24 17:50 - 2013-06-24 19:32 - 00000000 ____D C:\Users\Chris\AppData\Local\Xamarin
2013-06-24 17:49 - 2013-06-26 11:54 - 00471472 ____A C:\Windows\PFRO.log
2013-06-24 17:15 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Users\Chris\AppData\Local\2K Games
2013-06-23 15:26 - 2013-06-26 00:08 - 00035026 ____A C:\Windows\DirectX.log
2013-06-23 13:06 - 2013-06-23 13:06 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-23 11:01 - 2013-06-26 22:24 - 00001904 ____A C:\Windows\setupact.log
2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Windows\setuperr.log
2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Users\Chris\agent.log
2013-06-18 22:31 - 2013-06-18 22:31 - 00000000 ____D C:\Users\Chris\AppData\Local\ESN Sonar
2013-06-16 23:57 - 2013-06-21 17:32 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-16 21:56 - 2013-06-16 21:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Macromedia
2013-06-16 21:55 - 2013-06-16 21:55 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla
2013-06-16 20:12 - 2013-06-16 20:12 - 00032620 ____A C:\ComboFix.txt
2013-06-16 20:05 - 2013-06-16 20:12 - 00000000 ___AD C:\Qoobox
2013-06-16 20:05 - 2013-06-16 20:11 - 00000000 ____D C:\Windows\erdnt
2013-06-16 20:05 - 2011-06-26 16:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-16 20:05 - 2010-11-08 03:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-16 20:05 - 2009-04-20 14:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-16 20:05 - 2000-08-31 10:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-16 20:05 - 2000-08-31 10:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-16 20:05 - 2000-08-31 10:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-16 20:05 - 2000-08-31 10:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-16 20:05 - 2000-08-31 10:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-16 19:18 - 2013-06-16 19:18 - 00000984 ____A C:\Users\Chris\Desktop\JRT.txt
2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\Windows\ERUNT
2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\JRT
2013-06-16 19:13 - 2013-06-16 19:13 - 00003258 ____A C:\AdwCleaner[S1].txt
2013-06-16 01:43 - 2013-06-09 00:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 01:43 - 2013-06-09 00:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 01:43 - 2013-06-09 00:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 01:43 - 2013-06-09 00:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 01:43 - 2013-06-09 00:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 01:43 - 2013-06-08 22:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 01:43 - 2013-06-08 21:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 01:43 - 2013-06-08 21:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 01:43 - 2013-06-08 21:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 01:43 - 2013-06-08 21:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 01:43 - 2013-06-08 21:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 01:43 - 2013-06-08 21:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 16:20 - 2013-06-15 16:20 - 00000000 ____D C:\Windows\pss
2013-06-15 16:17 - 2013-06-15 16:21 - 00003072 ____A C:\Windows\SysWOW64\Cache.db
2013-06-15 16:15 - 2013-06-23 10:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Norton Utilities 14
2013-06-15 16:08 - 2013-06-25 23:57 - 00000000 ____D C:\Program Files (x86)\Norton Utilities 14
2013-06-15 13:37 - 2013-06-15 13:37 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-15 13:37 - 2013-06-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-15 13:37 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-14 22:58 - 2013-06-14 22:58 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-14 22:58 - 2013-06-14 22:58 - 00000000 ____D C:\Program Files\CCleaner
2013-06-14 20:12 - 2013-06-23 21:26 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-13 00:42 - 2013-05-17 11:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 00:42 - 2013-05-17 11:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-13 00:42 - 2013-05-17 10:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 00:42 - 2013-05-17 10:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 00:42 - 2013-05-17 10:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 00:42 - 2013-05-17 10:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 00:42 - 2013-05-14 22:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-13 00:42 - 2013-05-14 18:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 20:28 - 2013-05-08 16:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 20:23 - 2013-05-10 15:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 20:23 - 2013-05-10 13:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 20:23 - 2013-04-26 15:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 20:23 - 2013-04-26 14:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 20:23 - 2013-04-17 17:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 20:23 - 2013-04-17 16:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 20:22 - 2013-05-13 15:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 20:22 - 2013-05-13 15:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 20:22 - 2013-05-13 15:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 20:22 - 2013-05-13 15:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 20:22 - 2013-05-13 14:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 20:22 - 2013-05-13 14:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 20:22 - 2013-05-13 14:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 20:22 - 2013-05-13 13:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 20:22 - 2013-05-13 13:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 20:22 - 2013-05-13 13:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 20:22 - 2013-04-26 09:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 20:22 - 2013-04-01 08:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 20:45 - 2013-06-10 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\CRE
2013-06-10 20:33 - 2013-06-10 22:20 - 00000000 ____D C:\Users\Chris\jagexcache1
2013-06-10 20:33 - 2013-06-10 20:33 - 00000045 ____A C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
2013-06-07 19:46 - 2013-06-07 19:46 - 00000000 ____D C:\Users\Chris\AppData\Local\KSafe
2013-06-07 19:45 - 2013-06-14 22:35 - 00000000 ____D C:\Program Files (x86)\Kingsoft
2013-06-07 19:45 - 2013-06-07 19:47 - 00000000 ____D C:\ProgramData\Kingsoft
2013-06-07 19:45 - 2013-06-07 19:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\kingsoft
2013-06-07 19:39 - 2013-06-07 19:39 - 00879112 ____A (shockingsoft.com ) C:\Users\Chris\Downloads\AutoClickerShocker-Setup.exe
2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Malwarebytes
2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-03 23:41 - 2013-06-03 23:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech
2013-06-03 23:40 - 2013-06-07 19:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-06-03 23:40 - 2013-06-03 23:40 - 02823016 ____A (Asoftech, Inc ) C:\Users\Chris\Downloads\autome.exe
2013-06-03 23:39 - 2013-06-03 23:39 - 00000000 ____D C:\Windows\Sun
2013-06-02 23:48 - 2013-06-03 00:02 - 00000000 ____D C:\Program Files (x86)\Project64 2.1
2013-05-28 01:06 - 2013-05-28 01:06 - 00002040 ____A C:\Users\Public\Desktop\FL Studio 11.lnk
2013-05-28 01:05 - 2013-06-26 22:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FlowStone
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Image-Line
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files\Image-Line
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2013-05-28 01:05 - 2009-09-15 19:14 - 01554944 ____A (HMS http://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2013-05-27 21:51 - 1999-12-17 10:13 - 00086016 ____A (MindVision Software) C:\Windows\unvise32.exe
2013-05-27 17:59 - 2013-05-27 17:59 - 00000000 ____D C:\Users\Chris\Documents\NeocoreGames

==================== One Month Modified Files and Folders =======

2013-06-26 22:54 - 2013-06-26 22:54 - 00000000 ____D C:\FRST
2013-06-26 22:31 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FlowStone
2013-06-26 22:29 - 2013-02-25 17:18 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-26 22:25 - 2009-07-14 15:12 - 00793720 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-26 22:24 - 2013-06-23 11:01 - 00001904 ____A C:\Windows\setupact.log
2013-06-26 22:22 - 2009-07-14 14:50 - 00020304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-26 22:22 - 2009-07-14 14:50 - 00020304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-26 22:19 - 2013-02-25 10:50 - 01544424 ____A C:\Windows\WindowsUpdate.log
2013-06-26 22:15 - 2013-05-22 22:11 - 00000000 ___SD C:\Users\Chris\Google Drive
2013-06-26 22:15 - 2013-02-25 17:18 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-26 22:15 - 2013-02-25 10:57 - 00000828 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-06-26 22:15 - 2013-02-25 10:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-26 22:15 - 2009-07-14 15:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 16:11 - 2013-03-01 12:21 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-26 11:54 - 2013-06-24 17:49 - 00471472 ____A C:\Windows\PFRO.log
2013-06-26 11:54 - 2013-02-28 19:39 - 00000000 ____D C:\ProgramData\Norton
2013-06-26 00:08 - 2013-06-23 15:26 - 00035026 ____A C:\Windows\DirectX.log
2013-06-25 23:57 - 2013-06-15 16:08 - 00000000 ____D C:\Program Files (x86)\Norton Utilities 14
2013-06-25 23:08 - 2013-05-22 00:27 - 00000024 ____A C:\Users\Chris\random.dat
2013-06-25 23:04 - 2013-05-22 00:27 - 00000044 ____A C:\Users\Chris\jagex_cl_runescape_LIVE.dat
2013-06-25 22:57 - 2013-06-24 23:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-25 22:37 - 2013-02-25 20:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2013-06-25 21:05 - 2013-06-25 00:04 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-25 21:05 - 2013-02-25 20:43 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-25 21:03 - 2013-06-25 20:58 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-06-25 21:03 - 2013-02-25 20:41 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-25 20:58 - 2013-06-25 20:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-06-25 20:52 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-25 00:18 - 2013-06-25 00:04 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-24 23:57 - 2013-02-28 22:33 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2013-06-24 23:56 - 2013-06-24 23:54 - 00000000 ____D C:\Users\Chris\AppData\Local\Origin
2013-06-24 23:54 - 2013-02-25 17:34 - 00000000 ____D C:\ProgramData\Origin
2013-06-24 23:46 - 2013-06-24 23:46 - 00000979 ____A C:\Users\Public\Desktop\Origin.lnk
2013-06-24 23:43 - 2013-04-13 12:37 - 00000000 ____D C:\ProgramData\Sony
2013-06-24 23:43 - 2013-03-03 20:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-24 23:43 - 2013-02-25 17:18 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment
2013-06-24 23:40 - 2013-06-23 15:27 - 00000000 ____D C:\Users\Chris\AppData\Local\2K Games
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-06-24 20:13 - 2013-02-25 22:26 - 00000000 ____D C:\Users\Chris\AppData\Roaming\uTorrent
2013-06-24 19:32 - 2013-06-24 17:50 - 00000000 ____D C:\Users\Chris\AppData\Local\Xamarin
2013-06-24 19:07 - 2013-06-24 19:07 - 00001407 ____A C:\Users\Chris\AppData\Local\recently-used.xbel
2013-06-24 19:03 - 2013-06-24 19:03 - 00000000 ____D C:\Users\Chris\AppData\Local\gtk-2.0
2013-06-24 19:00 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\XamarinStudio-4.0
2013-06-24 19:00 - 2013-06-24 18:46 - 00000000 ____D C:\Users\Chris\.android
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\stetic
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Local\XamarinStudio-4.0
2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Mono for Android
2013-06-24 18:58 - 2013-06-24 17:15 - 00000000 ____D C:\ProgramData\Package Cache
2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\ProgramData\Monodoc
2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-24 18:53 - 2009-07-14 15:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\Xamarin Studio
2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\MonoDevelop
2013-06-24 18:46 - 2013-06-24 18:46 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2013-06-24 18:46 - 2013-02-25 10:51 - 00000000 ____D C:\users\Chris
2013-06-24 18:44 - 2013-06-24 18:44 - 00000000 ____D C:\Program Files\Android
2013-06-24 18:42 - 2013-06-24 18:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Android
2013-06-24 17:53 - 2013-03-19 18:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-24 17:32 - 2013-02-28 19:51 - 00777586 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-24 00:03 - 2013-03-29 23:12 - 00000000 ____D C:\Users\Chris\.gimp-2.8
2013-06-23 21:26 - 2013-06-14 20:12 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2013-06-23 13:06 - 2013-06-23 13:06 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-23 13:06 - 2013-06-23 13:06 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-23 13:06 - 2013-02-25 17:48 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-23 13:06 - 2013-02-25 17:48 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-23 11:41 - 2013-02-25 10:57 - 00000830 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Windows\setuperr.log
2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Users\Chris\agent.log
2013-06-23 10:58 - 2013-06-15 16:15 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Norton Utilities 14
2013-06-23 10:58 - 2013-05-09 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-23 10:58 - 2013-04-24 16:40 - 00000000 ____D C:\Users\Chris\AppData\Local\Warframe
2013-06-23 10:58 - 2013-04-13 12:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Sony
2013-06-23 10:58 - 2013-03-25 16:40 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2013-06-23 10:58 - 2013-03-19 00:12 - 00000000 ____D C:\Users\Chris\AppData\Roaming\.minecraft
2013-06-23 10:58 - 2013-02-26 02:37 - 00000000 ____D C:\Windows\Panther
2013-06-23 10:58 - 2013-02-25 10:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-06-23 10:58 - 2013-02-25 10:51 - 00000000 ____D C:\TempEI4
2013-06-23 10:58 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\System32\Msdtc
2013-06-21 17:32 - 2013-06-16 23:57 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-18 23:17 - 2013-03-30 00:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Mumble
2013-06-18 22:31 - 2013-06-18 22:31 - 00000000 ____D C:\Users\Chris\AppData\Local\ESN Sonar
2013-06-17 17:30 - 2013-02-25 18:08 - 00000000 ____D C:\Users\Chris\AppData\Local\PunkBuster
2013-06-16 23:57 - 2013-02-25 17:18 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2013-06-16 23:57 - 2013-02-25 17:18 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-16 22:29 - 2013-03-31 18:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-16 21:56 - 2013-06-16 21:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Macromedia
2013-06-16 21:55 - 2013-06-16 21:55 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla
2013-06-16 21:55 - 2013-03-31 18:26 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Mozilla
2013-06-16 20:13 - 2013-02-25 13:13 - 00000000 ____D C:\Users\Chris\AppData\Local\Apps\2.0
2013-06-16 20:12 - 2013-06-16 20:12 - 00032620 ____A C:\ComboFix.txt
2013-06-16 20:12 - 2013-06-16 20:05 - 00000000 ___AD C:\Qoobox
2013-06-16 20:11 - 2013-06-16 20:05 - 00000000 ____D C:\Windows\erdnt
2013-06-16 20:11 - 2009-07-14 12:34 - 00000215 ____A C:\Windows\system.ini
2013-06-16 20:02 - 2013-02-27 12:17 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Winamp
2013-06-16 19:18 - 2013-06-16 19:18 - 00000984 ____A C:\Users\Chris\Desktop\JRT.txt
2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\Windows\ERUNT
2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\JRT
2013-06-16 19:13 - 2013-06-16 19:13 - 00003258 ____A C:\AdwCleaner[S1].txt
2013-06-15 17:11 - 2013-02-25 10:51 - 00000000 ____D C:\Users\Chris\AppData\Local\VirtualStore
2013-06-15 16:21 - 2013-06-15 16:17 - 00003072 ____A C:\Windows\SysWOW64\Cache.db
2013-06-15 16:20 - 2013-06-15 16:20 - 00000000 ____D C:\Windows\pss
2013-06-15 13:37 - 2013-06-15 13:37 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-15 13:37 - 2013-06-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-14 22:58 - 2013-06-14 22:58 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-14 22:58 - 2013-06-14 22:58 - 00000000 ____D C:\Program Files\CCleaner
2013-06-14 22:35 - 2013-06-07 19:45 - 00000000 ____D C:\Program Files (x86)\Kingsoft
2013-06-13 22:17 - 2013-03-31 18:26 - 00000000 ____D C:\Users\Chris\AppData\Local\Thunderbird
2013-06-13 22:17 - 2013-03-29 14:10 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-06-13 22:15 - 2013-03-31 18:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox
2013-06-13 21:02 - 2013-02-25 11:33 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 11:12 - 2013-03-01 12:21 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 11:12 - 2013-03-01 12:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 22:20 - 2013-06-10 20:33 - 00000000 ____D C:\Users\Chris\jagexcache1
2013-06-10 20:45 - 2013-06-10 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\CRE
2013-06-10 20:33 - 2013-06-10 20:33 - 00000045 ____A C:\Users\Chris\jagex_cl_runescape_LIVE1.dat
2013-06-10 12:41 - 2013-05-22 00:27 - 00000000 ____D C:\Users\Chris\jagexcache
2013-06-09 00:08 - 2013-06-16 01:43 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-09 00:07 - 2013-06-16 01:43 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-09 00:06 - 2013-06-16 01:43 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-09 00:06 - 2013-06-16 01:43 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-09 00:06 - 2013-06-16 01:43 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 22:28 - 2013-06-16 01:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 21:42 - 2013-06-16 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 21:40 - 2013-06-16 01:43 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 21:40 - 2013-06-16 01:43 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 21:40 - 2013-06-16 01:43 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 21:40 - 2013-06-16 01:43 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 21:13 - 2013-06-16 01:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 22:21 - 2013-02-25 17:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Origin
2013-06-07 20:52 - 2013-04-17 13:28 - 00000000 ____D C:\Program Files (x86)\Creative
2013-06-07 20:38 - 2013-04-16 00:04 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-06-07 19:49 - 2013-04-28 21:32 - 00000000 ____D C:\iOrgSoft AVCHD Video Converter OutPut
2013-06-07 19:49 - 2013-04-28 21:30 - 00000000 ____D C:\Program Files (x86)\iOrgSoft
2013-06-07 19:47 - 2013-06-07 19:45 - 00000000 ____D C:\ProgramData\Kingsoft
2013-06-07 19:46 - 2013-06-07 19:46 - 00000000 ____D C:\Users\Chris\AppData\Local\KSafe
2013-06-07 19:46 - 2013-02-28 19:04 - 00000000 ___RD C:\MSOCache
2013-06-07 19:45 - 2013-06-07 19:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\kingsoft
2013-06-07 19:43 - 2013-06-03 23:40 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-06-07 19:39 - 2013-06-07 19:39 - 00879112 ____A (shockingsoft.com ) C:\Users\Chris\Downloads\AutoClickerShocker-Setup.exe
2013-06-07 18:50 - 2013-05-06 17:43 - 00000000 ____D C:\ProgramData\Freemake
2013-06-07 18:50 - 2013-05-06 17:43 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Malwarebytes
2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:37 - 2011-04-12 17:43 - 00000000 ____D C:\Windows\ShellNew
2013-06-07 17:49 - 2009-07-14 14:50 - 00362952 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-07 00:43 - 2013-02-25 10:57 - 00093936 ____A C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-06 19:25 - 2013-05-18 17:28 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FAHClient
2013-06-06 19:25 - 2013-03-31 18:22 - 00000000 ___RD C:\Users\Chris\Dropbox
2013-06-03 23:41 - 2013-06-03 23:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech
2013-06-03 23:40 - 2013-06-03 23:40 - 02823016 ____A (Asoftech, Inc ) C:\Users\Chris\Downloads\autome.exe
2013-06-03 23:39 - 2013-06-03 23:39 - 00000000 ____D C:\Windows\Sun
2013-06-03 00:02 - 2013-06-02 23:48 - 00000000 ____D C:\Program Files (x86)\Project64 2.1
2013-06-01 02:01 - 2013-05-22 01:14 - 00000044 ____A C:\Users\Chris\jagex_cl_oldschool_LIVE.dat
2013-05-28 01:06 - 2013-05-28 01:06 - 00002040 ____A C:\Users\Public\Desktop\FL Studio 11.lnk
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Image-Line
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files\Image-Line
2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2013-05-28 01:04 - 2013-03-29 14:09 - 00000000 ____D C:\Program Files (x86)\Image-Line
2013-05-27 17:59 - 2013-05-27 17:59 - 00000000 ____D C:\Users\Chris\Documents\NeocoreGames

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-07 02:01

==================== End Of Log ============================


Farbar Recovery Scan Tool (x64) Version: 25-06-2013 02
Ran by Chris at 2013-06-26 22:55:54
Running from F:\Users\Chris\Downloads
Boot Mode: Normal

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-14 09:19] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-14 09:19] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\erdnt\cache64\services.exe
[2013-06-16 20:11] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======