Slow Internet Connection

Posted 6/15/2013 7:32 AM
#95790
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Hello, <br/> <br/>I have recently had quite a few issues with my internet lately. At first I thought it was my Internet Provider, but after using a few other devices (phones, Ipads) and seeing that they can easily connect through our router to browse I realized it must be something on my actual PC. I have run scans with Norton as well as CCleaner, MalwareBytes and only picked up browser cookies for deletion. I think I may have some kind of virus or malware on my computer but am really unsure. <br/> <br/>I can browse most sites with no slowing down issues or anything. Though when I use a google search or connect to ANY online game my computer's connection speed chugs so slowly. <br/> <br/>I have used these Bullguard forums in the past (few years ago) and you guys fixed my problem so professionally. I'm getting desperate now and have no clue on what to do. <br/> <br/>Thank you in advance for your help. <br/> <br/> <br/>Logfile of HijackThis v1.99.1 <br/>Scan saved at 5:11:34 PM, on 15/06/2013 <br/>Platform: Unknown Windows (WinNT 6.01.3505 SP1) <br/>MSIE: Internet Explorer v10.0 (10.00.9200.16611) <br/> <br/>Running processes: <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\Norton Utilities 14\RMTray.exe <br/>C:\Windows\SysWOW64\rundll32.exe <br/>C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>C:\Program Files (x86)\Winamp\winampa.exe <br/>C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>F:\Users\Chris\Downloads\hijackthis\HijackThis.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>F2 - REG:system.ini: UserInit=userinit.exe, <br/>O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll <br/>O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll <br/>O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coIEPlg.dll <br/>O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll <br/>O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coIEPlg.dll <br/>O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll <br/>O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" <br/>O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" <br/>O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60 <br/>O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s <br/>O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart <br/>O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" <br/>O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe /S <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 <br/>O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 <br/>O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll <br/>O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll <br/>O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll <br/>O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll <br/>O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll <br/>O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O11 - Options group: [INTERNATIONAL] International <br/>O13 - Gopher Prefix: <br/>O15 - Trusted Zone: *.clonewarsadventures.com <br/>O15 - Trusted Zone: *.freerealms.com <br/>O15 - Trusted Zone: *.soe.com <br/>O15 - Trusted Zone: *.sony.com <br/>O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - <br/>O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll <br/>O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <br/>O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe <br/>O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing) <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing) <br/>O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe <br/>O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe <br/>O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) <br/>O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe <br/>O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: Norton Identity Safe (NCO) - Unknown owner - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\diMaster.dll" /prefetch:1 (file missing) <br/>O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\diMaster.dll" /prefetch:1 (file missing) <br/>O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) <br/>O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe <br/>O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe <br/>O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
Posted 6/15/2013 7:39 AM
#95791
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Malwarebytes Anti-Malware 1.75.0.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.06.14.08 <br/> <br/>Windows 7 Service Pack 1 x64 NTFS <br/>Internet Explorer 10.0.9200.16614 <br/>Chris :: CHRIS-PC [administrator] <br/> <br/>15/06/2013 1:47:10 PM <br/>mbam-log-2013-06-15 (13-47-10).txt <br/> <br/>Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 677670 <br/>Time elapsed: 1 hour(s), 34 minute(s), 29 second(s) <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Values Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 0 <br/>(No malicious items detected) <br/> <br/>(end) <br/> <br/> <br/>DDS (Ver_2012-11-20.01) - NTFS_AMD64 <br/>Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2 <br/>Run by Chris at 17:17:58 on 2013-06-15 <br/>Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.61.1033.18.8142.5369 [GMT 10:00] <br/>. <br/>AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} <br/>FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} <br/>. <br/>============== Running Processes =============== <br/>. <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\nvvsvc.exe <br/>C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k GPSvcGroup <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe <br/>C:\Windows\system32\nvvsvc.exe <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files\Bonjour\mDNSResponder.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Program Files\Intel\iCLS Client\HeciServer.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe <br/>C:\Windows\system32\IProsetMonitor.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe <br/>C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Windows\SysWOW64\PnkBstrA.exe <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe <br/>C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe <br/>C:\Program Files (x86)\Norton Utilities 14\RMTray.exe <br/>C:\Windows\SysWOW64\rundll32.exe <br/>C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>C:\Program Files (x86)\Winamp\winampa.exe <br/>C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe <br/>C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe <br/>C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe <br/>C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe <br/>C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Windows\system32\msiexec.exe <br/>C:\Windows\system32\SearchProtocolHost.exe <br/>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/>C:\Windows\System32\cscript.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://google.com/ <br/>mStart Page = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} <br/>mWinlogon: Userinit = userinit.exe, <br/>BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll <br/>BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll <br/>BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\CoIEPlg.dll <br/>BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll <br/>TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\CoIEPlg.dll <br/>TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll <br/>uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart <br/>uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" <br/>uRun: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe /S <br/>mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" <br/>mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry <br/>mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" <br/>mRun: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60 <br/>mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" <br/>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s <br/>dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup <br/>mPolicies-Explorer: NoActiveDesktop = dword:1 <br/>mPolicies-Explorer: NoActiveDesktopChanges = dword:1 <br/>mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 <br/>mPolicies-System: ConsentPromptBehaviorUser = dword:3 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 <br/>IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 <br/>IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll <br/>IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll <br/>Trusted Zone: clonewarsadventures.com <br/>Trusted Zone: freerealms.com <br/>Trusted Zone: soe.com <br/>Trusted Zone: sony.com <br/>DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - <br/>TCP: NameServer = 10.0.0.138 <br/>TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333} : DHCPNameServer = 10.0.0.138 <br/>TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\4556C637472716739373536453F5548545 : DHCPNameServer = 10.0.0.138 <br/>TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\77962756C6563737 : DHCPNameServer = 192.168.1.1 <br/>TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\8496D4963627F6 : DHCPNameServer = 192.168.0.1 <br/>TCP: Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250 <br/>Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <br/>SSODL: WebCheck - <orphaned> <br/>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome <br/>x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL <br/>x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s <br/>x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll <br/>x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll <br/>x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <br/>x64-SSODL: WebCheck - <orphaned> <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-2-25 16152] <br/>R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1100000.088\SymDS64.sys [2013-6-15 433200] <br/>R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1100000.088\SymEFA64.sys [2013-6-15 217136] <br/>R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx64.sys [2013-6-15 641584] <br/>R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1100000.088\ccHPx64.sys [2013-6-15 615040] <br/>R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccSetx64.sys [2013-6-15 168096] <br/>R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20090828.002\IDSVia64.sys [2013-6-15 467504] <br/>R1 nbdrv;NetBalancer LightWeight Filter;C:\Windows\System32\drivers\nbdrv.sys [2013-4-18 41392] <br/>R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1100000.088\Ironx64.sys [2013-6-15 146992] <br/>R1 SYMTDIV;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\NISx64\1100000.088\symtdiv.sys [2013-6-15 450608] <br/>R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-12 13592] <br/>R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448] <br/>R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-2-25 128280] <br/>R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-2-26 189608] <br/>R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2013-2-26 49376] <br/>R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-25 161560] <br/>R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe [2013-6-15 144520] <br/>R2 NetBalancerService;NetBalancerService;C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2013-4-18 10752] <br/>R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2013-6-15 126392] <br/>R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264] <br/>R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-25 363800] <br/>R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-2-25 356120] <br/>R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-2-25 787736] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] <br/>S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-4-17 79360] <br/>S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] <br/>S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-25 19456] <br/>S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960] <br/>S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-25 29696] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-25 57856] <br/>S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-25 30208] <br/>S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248] <br/>S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-25 1255736] <br/>S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-06-15 06:29:57 168096 ----a-r- C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccSetx64.sys <br/>2013-06-15 06:29:54 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03030.013 <br/>2013-06-15 06:29:54 -------- d-----w- C:\Windows\System32\drivers\NSTx64 <br/>2013-06-15 06:29:54 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe <br/>2013-06-15 06:20:06 -------- d-----w- C:\Windows\pss <br/>2013-06-15 06:15:03 -------- d-----w- C:\Users\Chris\AppData\Roaming\Norton Utilities 14 <br/>2013-06-15 06:10:29 880640 ----a-w- C:\Windows\SysWow64\UniBox10.ocx <br/>2013-06-15 06:10:29 212992 ----a-w- C:\Windows\SysWow64\UniBoxVB12.ocx <br/>2013-06-15 06:10:29 1101824 ----a-w- C:\Windows\SysWow64\UniBox210.ocx <br/>2013-06-15 06:09:25 -------- d-----w- C:\ProgramData\Norton Installer <br/>2013-06-15 06:08:58 506368 ----a-w- C:\Windows\SysWow64\msxml.dll <br/>2013-06-15 06:08:57 -------- d-----w- C:\Program Files (x86)\Norton Utilities 14 <br/>2013-06-15 03:37:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys <br/>2013-06-15 03:37:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2013-06-14 12:58:45 -------- d-----w- C:\Program Files\CCleaner <br/>2013-06-14 10:12:32 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins <br/>2013-06-12 10:28:51 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys <br/>2013-06-12 10:23:39 751104 ----a-w- C:\Windows\System32\win32spl.dll <br/>2013-06-12 10:23:39 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll <br/>2013-06-12 10:23:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll <br/>2013-06-12 10:23:27 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll <br/>2013-06-12 10:23:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll <br/>2013-06-12 10:23:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll <br/>2013-06-12 10:22:25 903168 ----a-w- C:\Windows\SysWow64\certutil.exe <br/>2013-06-12 10:22:25 52224 ----a-w- C:\Windows\System32\certenc.dll <br/>2013-06-12 10:22:25 43008 ----a-w- C:\Windows\SysWow64\certenc.dll <br/>2013-06-12 10:22:25 184320 ----a-w- C:\Windows\System32\cryptsvc.dll <br/>2013-06-12 10:22:25 1464320 ----a-w- C:\Windows\System32\crypt32.dll <br/>2013-06-12 10:22:25 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll <br/>2013-06-12 10:22:25 139776 ----a-w- C:\Windows\System32\cryptnet.dll <br/>2013-06-12 10:22:25 1192448 ----a-w- C:\Windows\System32\certutil.exe <br/>2013-06-12 10:22:25 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll <br/>2013-06-12 10:22:25 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll <br/>2013-06-12 10:22:09 1887232 ----a-w- C:\Windows\System32\d3d11.dll <br/>2013-06-12 10:22:09 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll <br/>2013-06-10 10:45:28 -------- d-----w- C:\Users\Chris\AppData\Local\CRE <br/>2013-06-10 10:33:37 -------- d-----w- C:\Users\Chris\jagexcache1 <br/>2013-06-07 10:14:49 -------- d-----w- C:\Program Files (x86)\Asoftech <br/>2013-06-07 10:08:32 634880 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll <br/>2013-06-07 10:08:32 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll <br/>2013-06-07 10:08:32 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe <br/>2013-06-07 10:08:32 270468 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll <br/>2013-06-07 10:08:32 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll <br/>2013-06-07 10:08:32 159876 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll <br/>2013-06-07 10:08:32 151552 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll <br/>2013-06-07 10:03:14 -------- d-----w- C:\Users\Chris\AppData\Local\Bundled software uninstaller <br/>2013-06-07 09:59:38 -------- d-----w- C:\Windows\SysWow64\WNLT <br/>2013-06-07 09:46:55 -------- d-----w- C:\Users\Chris\AppData\Local\KSafe <br/>2013-06-07 09:45:55 -------- d-----w- C:\Users\Chris\AppData\Roaming\kingsoft <br/>2013-06-07 09:45:52 -------- d-----w- C:\ProgramData\Kingsoft <br/>2013-06-07 09:45:50 -------- d-----w- C:\Program Files (x86)\Kingsoft <br/>2013-06-07 08:47:17 -------- d-----w- C:\Users\Chris\AppData\Roaming\Malwarebytes <br/>2013-06-07 08:47:06 -------- d-----w- C:\ProgramData\Malwarebytes <br/>2013-06-03 13:41:22 -------- d-----w- C:\Users\Chris\AppData\Roaming\asoftech <br/>2013-06-03 13:40:13 -------- d-----w- C:\Program Files (x86)\MyPC Backup <br/>2013-06-02 13:48:19 -------- d-----w- C:\Program Files (x86)\Project64 2.1 <br/>2013-05-27 15:05:45 -------- d-----w- C:\Users\Chris\AppData\Roaming\Image-Line <br/>2013-05-27 15:05:44 -------- d-----w- C:\Program Files\Image-Line <br/>2013-05-27 15:05:35 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm <br/>2013-05-27 15:05:34 -------- d-----w- C:\Users\Chris\AppData\Roaming\FlowStone <br/>2013-05-27 15:05:34 -------- d-----w- C:\Program Files (x86)\DSPRobotics <br/>2013-05-27 12:46:30 -------- d-----w- C:\Program Files (x86)\Common Files\digidesign <br/>2013-05-27 11:51:56 86016 ----a-w- C:\Windows\unvise32.exe <br/>2013-05-26 12:39:39 -------- d-----w- C:\Users\Chris\AppData\Roaming\NetBeans <br/>2013-05-26 12:39:39 -------- d-----w- C:\Users\Chris\AppData\Local\NetBeans <br/>2013-05-26 12:32:43 -------- d-----w- C:\Program Files (x86)\NetBeans 7.3 <br/>2013-05-22 12:11:15 -------- d-s---w- C:\Users\Chris\Google Drive <br/>2013-05-21 14:27:55 -------- d-----w- C:\Users\Chris\jagexcache <br/>2013-05-18 07:28:56 -------- d-----w- C:\Users\Chris\AppData\Roaming\FAHClient <br/>2013-05-16 14:13:04 -------- d-----w- C:\Users\Chris\AppData\Local\Mumble <br/>2013-05-16 10:27:08 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys <br/>2013-05-16 10:27:08 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys <br/>2013-05-16 10:27:08 144384 ----a-w- C:\Windows\System32\cdd.dll <br/>2013-05-16 10:26:48 1930752 ----a-w- C:\Windows\System32\authui.dll <br/>2013-05-16 10:26:47 70144 ----a-w- C:\Windows\System32\appinfo.dll <br/>2013-05-16 10:26:47 1796096 ----a-w- C:\Windows\SysWow64\authui.dll <br/>2013-05-16 10:26:47 111448 ----a-w- C:\Windows\System32\consent.exe <br/>2013-05-16 10:26:31 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll <br/>2013-05-16 10:26:31 230400 ----a-w- C:\Windows\System32\wwansvc.dll <br/>2013-05-16 10:26:28 3153920 ----a-w- C:\Windows\System32\win32k.sys <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2013-06-15 06:44:28 173104 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS <br/>2013-06-15 03:23:07 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr <br/>2013-06-15 03:23:07 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe <br/>2013-06-15 03:22:54 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 <br/>2013-06-12 01:12:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-06-12 01:12:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll <br/>2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll <br/>2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll <br/>2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll <br/>2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll <br/>2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll <br/>2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll <br/>2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll <br/>2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb <br/>2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe <br/>2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb <br/>2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe <br/>2013-05-04 11:53:12 466456 ----a-w- C:\Windows\System32\wrap_oal.dll <br/>2013-05-04 11:53:12 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll <br/>2013-05-04 11:53:12 122904 ----a-w- C:\Windows\System32\OpenAL32.dll <br/>2013-05-04 11:53:12 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll <br/>2013-04-28 02:33:22 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys <br/>2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll <br/>2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll <br/>2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll <br/>2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll <br/>2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll <br/>2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll <br/>2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys <br/>2013-04-03 19:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll <br/>2013-03-19 08:29:08 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll <br/>2013-03-19 08:29:08 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll <br/>2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe <br/>2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll <br/>2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe <br/>2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe <br/>2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll <br/>2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe <br/>2013-03-17 09:07:43 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe <br/>. <br/>============= FINISH: 17:18:10.23 =============== <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Ultimate N <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 25/02/2013 11:51:00 AM <br/>System Uptime: 15/06/2013 4:31:06 PM (1 hours ago) <br/>. <br/>Motherboard: Intel Corporation | | DB75EN <br/>Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz | CPU 1 | 3001/100mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 119 GiB total, 25.866 GiB free. <br/>D: is CDROM () <br/>E: is CDROM () <br/>F: is FIXED (NTFS) - 233 GiB total, 105.104 GiB free. <br/>G: is FIXED (NTFS) - 699 GiB total, 457.692 GiB free. <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} <br/>Description: X5XSEx_Pr143 <br/>Device ID: ROOT\LEGACY_X5XSEX_PR143\0000 <br/>Manufacturer: <br/>Name: X5XSEx_Pr143 <br/>PNP Device ID: ROOT\LEGACY_X5XSEX_PR143\0000 <br/>Service: X5XSEx_Pr143 <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP122: 13/06/2013 12:42:18 AM - Windows Update <br/>RP123: 13/06/2013 9:02:08 PM - Windows Update <br/>RP124: 13/06/2013 10:21:08 PM - TrueCrypt uninstallation <br/>RP125: 13/06/2013 10:21:51 PM - Removed SweetIM for Messenger 3.7 <br/>RP126: 14/06/2013 8:43:19 PM - Norton 360 Registry Clean <br/>RP127: 15/06/2013 4:16:16 PM - Made by Norton Utilities <br/>RP128: 15/06/2013 4:18:23 PM - Made by Norton Utilities <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>Adobe Flash Player 11 Plugin <br/>Adobe Reader X (10.1.7) <br/>Antichamber <br/>Apple Application Support <br/>Apple Mobile Device Support <br/>Apple Software Update <br/>ASIO4ALL <br/>µTorrent <br/>Audacity 2.0.3 <br/>AutoMe <br/>Battlefield 3™ <br/>Battlelog Web Plugins <br/>Bonjour <br/>Borderlands 2 <br/>CCleaner <br/>Curse Client <br/>Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition <br/>DisplayFusion 3.1.6 <br/>DLC Quest <br/>Droid Assault <br/>Dust: An Elysian Tail <br/>EDGE <br/>ESN Sonar <br/>Evoland <br/>Far Cry® 3 <br/>Far Cry® 3 Blood Dragon <br/>FEZ <br/>FL Studio 11 <br/>FlowStone FL 3.0 <br/>Fraps (remove only) <br/>G-Force <br/>GameSpy Comrade <br/>GIMP 2.8.4 <br/>Google Chrome <br/>Google Drive <br/>Google Update Helper <br/>Hardcore <br/>Hydra VSTi/DXi v1.2 <br/>IL Download Manager <br/>IL Shared Libraries <br/>Intel(R) Control Center <br/>Intel(R) Desktop Utilities <br/>Intel(R) Integrator Toolkit 5 <br/>Intel(R) Manageability Engine Firmware Recovery Agent <br/>Intel(R) Management Engine Components <br/>Intel(R) Network Connections 16.8.46.0 <br/>Intel(R) Rapid Storage Technology <br/>Intel(R) Small Business Advantage <br/>Intel(R) Update Manager <br/>Intel(R) USB 3.0 eXtensible Host Controller Driver <br/>Intel® Trusted Connect Service Client <br/>iTunes <br/>Java 7 Update 21 <br/>Java Auto Updater <br/>Java SE Development Kit 7 Update 21 <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>Mark of the Ninja <br/>Microsoft .NET Framework 1.1 <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft .NET Framework 4 Extended <br/>Microsoft .NET Framework 4 Multi-Targeting Pack <br/>Microsoft Application Error Reporting <br/>Microsoft Games for Windows - LIVE Redistributable <br/>Microsoft Help Viewer 1.0 <br/>Microsoft Office 2010 Service Pack 1 (SP1) <br/>Microsoft Office Access MUI (English) 2010 <br/>Microsoft Office Access Setup Metadata MUI (English) 2010 <br/>Microsoft Office Excel MUI (English) 2010 <br/>Microsoft Office Home and Student 2010 <br/>Microsoft Office Office 64-bit Components 2010 <br/>Microsoft Office OneNote MUI (English) 2010 <br/>Microsoft Office Outlook MUI (English) 2010 <br/>Microsoft Office PowerPoint MUI (English) 2010 <br/>Microsoft Office Proof (English) 2010 <br/>Microsoft Office Proof (French) 2010 <br/>Microsoft Office Proof (Spanish) 2010 <br/>Microsoft Office Proofing (English) 2010 <br/>Microsoft Office Publisher MUI (English) 2010 <br/>Microsoft Office Shared 64-bit MUI (English) 2010 <br/>Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 <br/>Microsoft Office Shared MUI (English) 2010 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2010 <br/>Microsoft Office Single Image 2010 <br/>Microsoft Office Word MUI (English) 2010 <br/>Microsoft Silverlight <br/>Microsoft SQL Server 2008 R2 Management Objects <br/>Microsoft SQL Server Compact 3.5 SP2 ENU <br/>Microsoft SQL Server Compact 3.5 SP2 x64 ENU <br/>Microsoft SQL Server System CLR Types <br/>Microsoft Visual C# 2010 Express - ENU <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2005 Redistributable (x64) <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools <br/>Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU <br/>Microsoft XNA Framework Redistributable 3.1 <br/>Microsoft XNA Framework Redistributable 4.0 <br/>Microsoft XNA Framework Redistributable 4.0 Refresh <br/>Microsoft XNA Game Studio 4.0 <br/>Microsoft XNA Game Studio 4.0 (ARP entry) <br/>Microsoft XNA Game Studio 4.0 (Redists) <br/>Microsoft XNA Game Studio 4.0 (Shared Components) <br/>Microsoft XNA Game Studio 4.0 (Visual Studio) <br/>Microsoft XNA Game Studio 4.0 (XnaLiveProxy) <br/>Microsoft XNA Game Studio 4.0 Documentation <br/>Microsoft XNA Game Studio Platform Tools <br/>Mozilla Maintenance Service <br/>MSVCRT Redists <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>MSXML 4.0 SP2 Parser and SDK <br/>Mumble 1.2.3 <br/>My Game Long Name <br/>NetBalancer <br/>NetBeans IDE 7.3 <br/>Norton Identity Safe <br/>Norton Internet Security <br/>Norton Utilities <br/>NVIDIA 3D Vision Controller Driver 314.22 <br/>NVIDIA 3D Vision Driver 314.22 <br/>NVIDIA Control Panel 314.22 <br/>NVIDIA Graphics Driver 314.22 <br/>NVIDIA HD Audio Driver 1.3.23.1 <br/>NVIDIA Install Application <br/>NVIDIA PhysX <br/>NVIDIA PhysX System Software 9.12.1031 <br/>NVIDIA Stereoscopic 3D Driver <br/>NVIDIA Update 1.12.12 <br/>NVIDIA Update Components <br/>Ohm Force - Ohmicide VST <br/>OpenAL <br/>Origin <br/>PoiZone <br/>Project 64 version 2.1.0.1 <br/>Puddle <br/>PunkBuster Services <br/>Realtek High Definition Audio Driver <br/>Reus <br/>RUSH <br/>Sawer <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2487367) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2742595) <br/>Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition <br/>Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition <br/>Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2553091) <br/>Security Update for Microsoft Office 2010 (KB2553096) <br/>Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition <br/>Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition <br/>Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition <br/>Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition <br/>Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition <br/>Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489) <br/>Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition <br/>Simple Shutdown Timer <br/>Symphony <br/>They Bleed Pixels <br/>Toki Tori <br/>Toxic Biohazard <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) <br/>Update for Microsoft .NET Framework 4 Extended (KB2468871) <br/>Update for Microsoft .NET Framework 4 Extended (KB2533523) <br/>Update for Microsoft .NET Framework 4 Extended (KB2600217) <br/>Update for Microsoft Office 2010 (KB2553065) <br/>Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2566458) <br/>Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition <br/>Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition <br/>Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition <br/>Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition <br/>Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition <br/>Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition <br/>Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition <br/>Uplay <br/>Vegas Pro 12.0 (64-bit) <br/>Virtual DJ Pro Full - Atomix Productions <br/>VirtualCloneDrive <br/>Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU <br/>Visual Studio 2010 x64 Redistributables <br/>VLC media player 2.0.5 <br/>Waves Diamond Bundle v5.2 <br/>Winamp <br/>Winamp Detector Plug-in <br/>WinRAR 4.20 (64-bit) <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>15/06/2013 4:33:16 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). <br/>15/06/2013 4:33:16 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. <br/>15/06/2013 4:31:13 PM, Error: Service Control Manager [7000] - The X5XSEx_Pr143 service failed to start due to the following error: The system cannot find the path specified. <br/>15/06/2013 4:23:28 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004 <br/>14/06/2013 9:59:46 PM, Error: Service Control Manager [7000] - The DisplayFusionService service failed to start due to the following error: The system cannot find the file specified. <br/>13/06/2013 12:42:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Windows Malicious Software Removal Tool x64 - June 2013 (KB890830). <br/>12/06/2013 11:03:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. <br/>12/06/2013 11:03:56 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>. <br/>==== End Of File ===========================
Posted 6/15/2013 11:53 PM
#95793
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hi Steelstring13 :smile: </div> <br/> <br/> <br/>[color="#0066cc"]http://oldtimer.geekstogo.com/OTL.exe[/color]</a> <br/> <br/><span lang="DA"> <br/> <br/>  <br/> <br/>  <br/> <br/> <br/><ul> <br/><span lang="EN-GB">* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. <br/> <br/> <br/>* Select <span lang="X-NONE">All Users <br/> <br/></ul> <br/> <br/> <br/><ul> <br/><span lang="DA">* <br/> <br/> <br/>* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. <span lang="DA">The scan wont take long. <br/> <br/></ul> <br/> <br/><span lang="EN-GB">When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. <br/> <br/> <br/> <br/><span lang="DA">Post both logs

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/16/2013 2:05 AM
#95794
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Hello Touch, <br/> <br/>I believe you're the person who sorted me out last time :) <br/> <br/>OTL logfile created on: 16/06/2013 11:59:19 AM - Run 1 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads <br/>64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.10.9200.16614) <br/>Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy <br/> <br/>7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.84% Memory free <br/>19.87 Gb Paging File | 17.28 Gb Available in Paging File | 86.96% Paging File free <br/>Paging file location(s): g:\pagefile.sys 12211 12211 [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) <br/>Drive C: | 119.14 Gb Total Space | 23.27 Gb Free Space | 19.53% Space Free | Partition Type: NTFS <br/>Drive F: | 232.88 Gb Total Space | 104.95 Gb Free Space | 45.07% Space Free | Partition Type: NTFS <br/>Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS <br/> <br/>Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator. <br/>Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans <br/>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Processes (SafeList) ==========[/color] <br/> <br/>PRC - [2013/06/16 11:55:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Chris\Downloads\OTL.exe <br/>PRC - [2013/05/29 15:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>PRC - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>PRC - [2013/03/17 19:07:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe <br/>PRC - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>PRC - [2012/12/24 14:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe <br/>PRC - [2012/06/29 01:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe <br/>PRC - [2012/02/27 12:02:16 | 004,243,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe <br/>PRC - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe <br/>PRC - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>PRC - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>PRC - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe <br/>PRC - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe <br/>PRC - [2012/01/27 03:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>PRC - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe <br/>PRC - [2009/11/29 01:09:32 | 000,092,848 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe <br/>PRC - [2009/09/14 10:53:32 | 000,279,912 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 14\RMTray.exe <br/> <br/> <br/>[color=#E56717]========== Modules (No Company Name) ==========[/color] <br/> <br/>MOD - [2013/06/16 11:54:42 | 001,175,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._core_.pyd <br/>MOD - [2013/06/16 11:54:42 | 001,153,024 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_ssl.pyd <br/>MOD - [2013/06/16 11:54:42 | 001,062,400 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._controls_.pyd <br/>MOD - [2013/06/16 11:54:42 | 001,022,416 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\windows._cacheinvalidation.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,811,008 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._windows_.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,805,888 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._gdi_.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,735,232 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._misc_.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,711,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_hashlib.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,686,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\unicodedata.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,557,056 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pysqlite2._sqlite.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,364,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pythoncom27.dll <br/>MOD - [2013/06/16 11:54:42 | 000,320,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32com.shell.shell.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,128,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_elementtree.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,127,488 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\pyexpat.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,122,368 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._wizard.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,119,808 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32file.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,110,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\PyWinTypes27.dll <br/>MOD - [2013/06/16 11:54:42 | 000,108,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32security.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,098,816 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32api.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,087,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_ctypes.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,070,656 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\wx._html2.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,044,032 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_socket.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,038,912 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32inet.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,035,840 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32process.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,026,624 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\_multiprocessing.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,025,600 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32pdh.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,022,528 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32ts.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,018,432 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32event.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,017,408 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32profile.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,011,264 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\win32crypt.pyd <br/>MOD - [2013/06/16 11:54:42 | 000,010,240 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI31802\select.pyd <br/>MOD - [2013/05/29 15:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll <br/>MOD - [2013/05/29 15:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll <br/>MOD - [2013/05/29 15:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll <br/>MOD - [2013/05/29 15:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll <br/>MOD - [2013/05/29 15:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll <br/>MOD - [2013/05/17 08:32:49 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5b0667dad44a1069048497e7f4ae6f12\System.Management.Instrumentation.ni.dll <br/>MOD - [2013/05/17 08:31:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll <br/>MOD - [2013/05/17 08:11:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll <br/>MOD - [2013/05/17 08:11:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll <br/>MOD - [2013/05/17 08:11:01 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll <br/>MOD - [2013/05/17 08:10:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll <br/>MOD - [2013/05/17 08:10:53 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\23673bbebe3c0ca7c894e614bb3ffd1a\System.Security.ni.dll <br/>MOD - [2013/05/17 08:10:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll <br/>MOD - [2013/03/17 13:12:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll <br/>MOD - [2013/03/17 13:12:39 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll <br/>MOD - [2013/03/17 13:12:39 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll <br/>MOD - [2013/03/17 02:05:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll <br/>MOD - [2013/03/17 02:05:32 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll <br/>MOD - [2013/03/17 02:05:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll <br/>MOD - [2013/03/17 02:05:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll <br/>MOD - [2013/03/17 02:05:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll <br/>MOD - [2013/03/17 02:05:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll <br/>MOD - [2013/03/17 02:05:19 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll <br/>MOD - [2013/03/17 02:05:17 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll <br/>MOD - [2013/03/17 02:05:14 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll <br/>MOD - [2013/03/17 02:05:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll <br/>MOD - [2013/03/17 02:05:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll <br/>MOD - [2013/01/28 12:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll <br/>MOD - [2013/01/28 12:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll <br/>MOD - [2012/05/31 01:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\wincfi39.dll <br/>MOD - [2012/02/27 12:02:14 | 000,215,264 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll <br/>MOD - [2012/02/27 12:02:10 | 000,051,424 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll <br/> <br/> <br/>[color=#E56717]========== Services (SafeList) ==========[/color] <br/> <br/>SRV:64bit: - [2013/03/25 20:06:36 | 000,010,752 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService) <br/>SRV:64bit: - [2012/02/02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) <br/>SRV:64bit: - [2011/11/09 16:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R) <br/>SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) <br/>SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) <br/>SRV - [2013/06/12 11:12:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) <br/>SRV - [2013/06/07 08:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) <br/>SRV - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) <br/>SRV - [2013/04/17 13:29:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) <br/>SRV - [2013/03/17 19:07:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) <br/>SRV - [2013/03/15 15:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) <br/>SRV - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) <br/>SRV - [2013/03/08 17:52:21 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) <br/>SRV - [2012/12/24 14:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe -- (NCO) <br/>SRV - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (Intel(R) <br/>SRV - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) <br/>SRV - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) <br/>SRV - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) <br/>SRV - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) <br/>SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) <br/>SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) <br/>SRV - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS) <br/>SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) <br/> <br/> <br/>[color=#E56717]========== Driver Services (SafeList) ==========[/color] <br/> <br/>DRV:64bit: - [2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) <br/>DRV:64bit: - [2013/01/17 00:39:12 | 000,041,392 | ---- | M] (SeriousBit) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (nbdrv) <br/>DRV:64bit: - [2012/12/19 15:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) <br/>DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) <br/>DRV:64bit: - [2012/11/16 13:18:04 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.sys -- (ccSet_NST) <br/>DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) <br/>DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) <br/>DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) <br/>DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) <br/>DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) <br/>DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) <br/>DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) <br/>DRV:64bit: - [2012/01/11 12:32:28 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) <br/>DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) <br/>DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) <br/>DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) <br/>DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) <br/>DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) <br/>DRV:64bit: - [2010/11/21 13:24:16 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) <br/>DRV:64bit: - [2010/11/21 13:24:16 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) <br/>DRV:64bit: - [2010/11/21 13:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) <br/>DRV:64bit: - [2010/11/21 13:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) <br/>DRV:64bit: - [2010/05/06 14:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symtdiv.sys -- (SYMTDIv) <br/>DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys -- (SymIRON) <br/>DRV:64bit: - [2010/04/22 13:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys -- (SymEFA) <br/>DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.sys -- (SRTSP) <br/>DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys -- (SRTSPX) <br/>DRV:64bit: - [2010/02/26 10:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys -- (ccHP) <br/>DRV:64bit: - [2009/10/16 16:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) <br/>DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) <br/>DRV:64bit: - [2009/08/30 10:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys -- (SymDS) <br/>DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) <br/>DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) <br/>DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) <br/>DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) <br/>DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) <br/>DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) <br/>DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) <br/>DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) <br/>DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) <br/>DRV - [2013/06/15 18:26:01 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130614.023\ex64.sys -- (NAVEX15) <br/>DRV - [2013/06/15 18:26:01 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) <br/>DRV - [2013/06/15 18:26:01 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) <br/>DRV - [2013/06/15 18:26:01 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130614.023\eng64.sys -- (NAVENG) <br/>DRV - [2013/06/14 14:20:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSviA64.sys -- (IDSVia64) <br/>DRV - [2013/05/31 17:15:28 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64) <br/>DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} <br/>IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} <br/>IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} <br/>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC <br/>IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} <br/> <br/> <br/>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/> <br/> <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 23 01 3F 28 13 CE 01 [binary data] <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local <br/> <br/> <br/>[color=#E56717]========== FireFox ==========[/color] <br/> <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () <br/>FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) <br/>FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB) <br/>FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: File not found <br/>FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN) <br/>FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) <br/>FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) <br/> <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\ <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013/06/15 16:44:33 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2013/06/16 11:54:42 | 000,000,000 | ---D | M] <br/> <br/>[2013/06/03 23:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions <br/>[2013/05/09 21:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions <br/> <br/>[color=#E56717]========== Chrome ==========[/color] <br/> <br/>CHR - default_search_provider: Google (Enabled) <br/>CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} <br/>CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, <br/>CHR - homepage: http://www.google.com.au/ <br/>CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll <br/>CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer <br/>CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll <br/>CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll <br/>CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll <br/>CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll <br/>CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll <br/>CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll <br/>CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll <br/>CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll <br/>CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll <br/>CHR - Extension: Theme Creator = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\ <br/>CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ <br/>CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ <br/>CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ <br/>CHR - Extension: RuneScape = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci\2.3.19.11_0\ <br/>CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ <br/>CHR - Extension: KB SSL Enforcer = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0\ <br/>CHR - Extension: AdBlock = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\ <br/>CHR - Extension: FVD Video Downloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.2.0_0\ <br/>CHR - Extension: Reload All Tabs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\ <br/>CHR - Extension: MuteTab = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\ <br/>CHR - Extension: ScriptSafe = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0\ <br/>CHR - Extension: Battlefield 3 = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pagmklehiaheilihklokljahmoihkjni\1_0\ <br/>CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ <br/> <br/>O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts <br/>O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) <br/>O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation) <br/>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) <br/>O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) <br/>O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) <br/>O3 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. <br/>O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) <br/>O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) <br/>O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) <br/>O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) <br/>O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found <br/>O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found <br/>O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found <br/>O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) <br/>O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found <br/>O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe (Symantec Corporation) <br/>O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found <br/>O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 <br/>O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O1364bit: - gopher Prefix: missing <br/>O13 - gopher Prefix: missing <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: soe.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: sony.com ([]* in Trusted sites) <br/>O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (Reg Error: Key error.) <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}: DhcpNameServer = 10.0.0.138 <br/>O18:64bit: - Protocol\Handler\ms-help - No CLSID value found <br/>O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) <br/>O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O32 - HKLM CDRom: AutoRun - 1 <br/>O33 - MountPoints2\{0d4929f5-8b71-11e2-b178-4c72b997e360}\Shell - "" = AutoRun <br/>O33 - MountPoints2\{0d4929f5-8b71-11e2-b178-4c72b997e360}\Shell\AutoRun\command - "" = E:\Start.exe <br/>O33 - MountPoints2\{66d01a4c-7eca-11e2-8a23-806e6f6e6963}\Shell - "" = AutoRun <br/>O33 - MountPoints2\{66d01a4c-7eca-11e2-8a23-806e6f6e6963}\Shell\AutoRun\command - "" = D:\EIProcessCaller.exe <br/>O33 - MountPoints2\D\Shell - "" = AutoRun <br/>O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\CTRun\Start.EXE <br/>O34 - HKLM BootExecute: (autocheck autochk *) <br/>O35:64bit: - HKLM\..comfile [open] -- "%1" %* <br/>O35:64bit: - HKLM\..exefile [open] -- "%1" %* <br/>O35 - HKLM\..comfile [open] -- "%1" %* <br/>O35 - HKLM\..exefile [open] -- "%1" %* <br/>O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* <br/>O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O37 - HKLM\...com [@ = comfile] -- "%1" %* <br/>O37 - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) <br/>O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) <br/> <br/>[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] <br/> <br/>[2013/06/16 01:43:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll <br/>[2013/06/16 01:43:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll <br/>[2013/06/15 19:27:22 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys <br/>[2013/06/15 19:27:22 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.sys <br/>[2013/06/15 19:27:22 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symtdiv.sys <br/>[2013/06/15 19:27:22 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys <br/>[2013/06/15 19:27:22 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys <br/>[2013/06/15 19:27:22 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys <br/>[2013/06/15 19:27:22 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys <br/>[2013/06/15 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C <br/>[2013/06/15 17:16:07 | 000,000,000 | ---D | C] -- f:\Users\Chris\Desktop\Logs <br/>[2013/06/15 16:44:28 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS <br/>[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared <br/>[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec <br/>[2013/06/15 16:44:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64 <br/>[2013/06/15 16:44:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security <br/>[2013/06/15 16:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security <br/>[2013/06/15 16:29:57 | 000,168,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.sys <br/>[2013/06/15 16:29:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe <br/>[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64 <br/>[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe <br/>[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013 <br/>[2013/06/15 16:20:06 | 000,000,000 | ---D | C] -- C:\Windows\pss <br/>[2013/06/15 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Norton Utilities 14 <br/>[2013/06/15 16:10:29 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx <br/>[2013/06/15 16:10:29 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx <br/>[2013/06/15 16:10:29 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx <br/>[2013/06/15 16:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer <br/>[2013/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP <br/>[2013/06/15 16:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 14 <br/>[2013/06/15 16:08:58 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll <br/>[2013/06/15 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 14 <br/>[2013/06/15 13:37:52 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys <br/>[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware <br/>[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>[2013/06/14 22:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner <br/>[2013/06/14 22:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner <br/>[2013/06/14 20:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins <br/>[2013/06/13 22:22:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi <br/>[2013/06/13 00:42:44 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll <br/>[2013/06/13 00:42:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll <br/>[2013/06/13 00:42:44 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe <br/>[2013/06/13 00:42:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe <br/>[2013/06/13 00:42:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll <br/>[2013/06/13 00:42:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll <br/>[2013/06/13 00:42:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe <br/>[2013/06/13 00:42:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll <br/>[2013/06/13 00:42:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll <br/>[2013/06/13 00:42:43 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll <br/>[2013/06/13 00:42:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll <br/>[2013/06/13 00:42:43 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll <br/>[2013/06/13 00:42:42 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll <br/>[2013/06/12 20:23:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll <br/>[2013/06/12 20:23:39 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll <br/>[2013/06/12 20:23:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll <br/>[2013/06/12 20:23:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll <br/>[2013/06/12 20:23:22 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll <br/>[2013/06/12 20:22:25 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll <br/>[2013/06/12 20:22:25 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe <br/>[2013/06/12 20:22:25 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe <br/>[2013/06/12 20:22:25 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll <br/>[2013/06/12 20:22:25 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll <br/>[2013/06/12 20:22:25 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll <br/>[2013/06/12 20:22:09 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll <br/>[2013/06/12 20:22:09 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll <br/>[2013/06/10 20:45:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE <br/>[2013/06/10 20:33:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache1 <br/>[2013/06/07 20:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMe <br/>[2013/06/07 20:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asoftech <br/>[2013/06/07 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Bundled software uninstaller <br/>[2013/06/07 19:59:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT <br/>[2013/06/07 19:46:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\KSafe <br/>[2013/06/07 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\kingsoft <br/>[2013/06/07 19:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft <br/>[2013/06/07 19:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft <br/>[2013/06/07 18:47:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes <br/>[2013/06/07 18:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes <br/>[2013/06/03 23:41:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\asoftech <br/>[2013/06/03 23:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup <br/>[2013/06/03 23:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun <br/>[2013/06/02 23:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0 <br/>[2013/06/02 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 2.1 <br/>[2013/05/28 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Image-Line <br/>[2013/05/28 01:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line <br/>[2013/05/28 01:05:35 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm <br/>[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FlowStone <br/>[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics <br/>[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line <br/>[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\digidesign <br/>[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves <br/>[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves <br/>[2013/05/27 22:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio <br/>[2013/05/27 21:51:56 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe <br/>[2013/05/27 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ohm Force <br/>[2013/05/27 17:59:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents <br/>[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\NetBeans <br/>[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\NetBeans <br/>[2013/05/26 22:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans <br/>[2013/05/26 22:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.3 <br/>[2013/05/22 22:11:15 | 000,000,000 | --SD | C] -- C:\Users\Chris\Google Drive <br/>[2013/05/22 22:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive <br/>[2013/05/22 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache <br/>[2013/05/18 21:24:32 | 000,000,000 | ---D | C] -- f:\Users\Chris\Documents\Reus <br/>[2013/05/18 17:28:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FAHClient <br/>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] <br/> <br/>[2013/06/16 12:00:00 | 000,792,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI <br/>[2013/06/16 12:00:00 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat <br/>[2013/06/16 12:00:00 | 000,129,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat <br/>[2013/06/16 11:56:44 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/06/16 11:56:44 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/06/16 11:54:47 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job <br/>[2013/06/16 11:54:41 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job <br/>[2013/06/16 11:54:40 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk <br/>[2013/06/16 11:54:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat <br/>[2013/06/16 11:54:34 | 2108,153,855 | -HS- | M] () -- C:\hiberfil.sys <br/>[2013/06/16 11:54:34 | 001,831,158 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB <br/>[2013/06/16 01:29:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job <br/>[2013/06/16 01:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job <br/>[2013/06/15 18:13:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Unepic.url <br/>[2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS <br/>[2013/06/15 16:44:28 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT <br/>[2013/06/15 16:44:28 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF <br/>[2013/06/15 16:21:56 | 000,003,072 | ---- | M] () -- C:\Windows\SysWow64\Cache.db <br/>[2013/06/15 16:10:33 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities.lnk <br/>[2013/06/15 15:53:21 | 000,000,024 | ---- | M] () -- C:\Users\Chris\random.dat <br/>[2013/06/15 15:51:22 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat <br/>[2013/06/15 13:37:53 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>[2013/06/15 13:23:07 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr <br/>[2013/06/15 13:23:07 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe <br/>[2013/06/15 13:22:54 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 <br/>[2013/06/14 23:22:20 | 000,002,279 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk <br/>[2013/06/14 23:22:20 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk <br/>[2013/06/14 22:58:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/06/13 21:58:35 | 000,002,688 | ---- | M] () -- f:\Users\Chris\Desktop\WNetWatcher.cfg <br/>[2013/06/13 21:56:13 | 001,024,000 | ---- | M] () -- f:\Users\Chris\Desktop\PROF_SAVE_body <br/>[2013/06/12 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job <br/>[2013/06/12 11:12:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>[2013/06/12 11:12:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>[2013/06/10 20:33:37 | 000,000,045 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>[2013/06/09 00:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll <br/>[2013/06/08 21:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll <br/>[2013/06/07 20:14:57 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\AutoMe.lnk <br/>[2013/06/07 17:49:05 | 000,362,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT <br/>[2013/06/04 01:12:30 | 000,001,351 | ---- | M] () -- f:\Users\Chris\Documents\AutoHotkey.ahk <br/>[2013/06/01 02:01:49 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat <br/>[2013/05/28 21:14:41 | 000,000,202 | ---- | M] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url <br/>[2013/05/28 01:06:01 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk <br/>[2013/05/26 22:33:43 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk <br/>[2013/05/24 00:51:07 | 000,010,866 | ---- | M] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3 <br/>[2013/05/24 00:40:05 | 015,862,944 | ---- | M] () -- f:\Users\Chris\Desktop\Level 1.wav <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- C:\Users\Chris\Google Drive - Shortcut.lnk <br/>[2013/05/18 21:24:21 | 000,777,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI <br/>[2013/05/18 20:46:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Reus.url <br/>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files Created - No Company Name ==========[/color] <br/> <br/>[2013/06/16 11:54:27 | 001,831,158 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB <br/>[2013/06/15 19:27:22 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.cat <br/>[2013/06/15 19:27:22 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv64.cat <br/>[2013/06/15 19:27:22 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.cat <br/>[2013/06/15 19:27:22 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.cat <br/>[2013/06/15 19:27:22 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.cat <br/>[2013/06/15 19:27:22 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.cat <br/>[2013/06/15 19:27:22 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet64.cat <br/>[2013/06/15 19:27:22 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.cat <br/>[2013/06/15 19:27:22 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa.inf <br/>[2013/06/15 19:27:22 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds.inf <br/>[2013/06/15 19:27:22 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.inf <br/>[2013/06/15 19:27:22 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv.inf <br/>[2013/06/15 19:27:22 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet.inf <br/>[2013/06/15 19:27:22 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.inf <br/>[2013/06/15 19:27:22 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.inf <br/>[2013/06/15 19:27:22 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.inf <br/>[2013/06/15 19:27:18 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\isolate.ini <br/>[2013/06/15 18:13:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Unepic.url <br/>[2013/06/15 16:44:28 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT <br/>[2013/06/15 16:44:28 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk <br/>[2013/06/15 16:44:28 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF <br/>[2013/06/15 16:29:54 | 000,007,611 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccsetx64.cat <br/>[2013/06/15 16:29:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\ccSetx64.inf <br/>[2013/06/15 16:29:54 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD03030.013\isolate.ini <br/>[2013/06/15 16:17:45 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Cache.db <br/>[2013/06/15 16:09:02 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities.lnk <br/>[2013/06/15 13:37:53 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>[2013/06/14 22:58:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/06/10 20:33:37 | 000,000,045 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>[2013/06/07 20:14:57 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\AutoMe.lnk <br/>[2013/06/04 01:12:30 | 000,001,351 | ---- | C] () -- f:\Users\Chris\Documents\AutoHotkey.ahk <br/>[2013/05/28 21:14:41 | 000,000,202 | ---- | C] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url <br/>[2013/05/28 01:06:01 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk <br/>[2013/05/28 01:05:43 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk <br/>[2013/05/26 22:33:43 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk <br/>[2013/05/24 00:51:07 | 000,010,866 | ---- | C] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3 <br/>[2013/05/24 00:39:58 | 015,862,944 | ---- | C] () -- f:\Users\Chris\Desktop\Level 1.wav <br/>[2013/05/22 22:11:31 | 000,000,973 | ---- | C] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | C] () -- C:\Users\Chris\Google Drive - Shortcut.lnk <br/>[2013/05/22 01:14:29 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat <br/>[2013/05/22 00:27:55 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat <br/>[2013/05/22 00:27:55 | 000,000,024 | ---- | C] () -- C:\Users\Chris\random.dat <br/>[2013/05/18 20:46:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Reus.url <br/>[2013/05/09 21:53:13 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat <br/>[2013/04/25 14:55:30 | 000,021,764 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel <br/>[2013/04/17 13:28:35 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL <br/>[2013/04/17 13:28:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL <br/>[2013/04/17 13:28:33 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini <br/>[2013/04/17 13:28:33 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini <br/>[2013/04/17 13:28:33 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini <br/>[2013/02/28 19:52:57 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat <br/>[2013/02/28 19:51:50 | 000,777,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI <br/>[2013/02/27 13:37:05 | 000,000,641 | ---- | C] () -- C:\Users\Chris\Downloads - Shortcut.lnk <br/>[2013/02/25 20:41:11 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe <br/>[2013/02/25 20:41:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe <br/>[2013/02/25 20:41:09 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe <br/>[2012/07/03 06:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll <br/>[2012/02/03 13:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll <br/>[2012/02/02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll <br/> <br/>[color=#E56717]========== ZeroAccess Check ==========[/color] <br/> <br/>[2009/07/14 15:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Apartment <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/>"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Apartment <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Free <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] <br/>"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Free <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Both <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] <br/> <br/>[color=#E56717]========== Alternate Data Streams ==========[/color] <br/> <br/>@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:D287FACF <br/> <br/>< End of report > <br/> <br/> <br/>OTL Extras logfile created on: 16/06/2013 11:59:19 AM - Run 1 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads <br/>64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.10.9200.16614) <br/>Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy <br/> <br/>7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.84% Memory free <br/>19.87 Gb Paging File | 17.28 Gb Available in Paging File | 86.96% Paging File free <br/>Paging file location(s): g:\pagefile.sys 12211 12211 [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) <br/>Drive C: | 119.14 Gb Total Space | 23.27 Gb Free Space | 19.53% Space Free | Partition Type: NTFS <br/>Drive F: | 232.88 Gb Total Space | 104.95 Gb Free Space | 45.07% Space Free | Partition Type: NTFS <br/>Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS <br/> <br/>Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator. <br/>Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans <br/>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Extra Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== File Associations ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] <br/>.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <br/>.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] <br/>.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) <br/>.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <br/> <br/>[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Classes\<extension>] <br/>.html [@ = ChromeHTML] -- Reg Error: Key error. File not found <br/> <br/>[color=#E56717]========== Shell Spawning ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] <br/>batfile [open] -- "%1" %* <br/>cmdfile [open] -- "%1" %* <br/>comfile [open] -- "%1" %* <br/>exefile [open] -- "%1" %* <br/>helpfile [open] -- Reg Error: Key error. <br/>htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" <br/>http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) <br/>https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) <br/>inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) <br/>InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) <br/>InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) <br/>piffile [open] -- "%1" %* <br/>regfile [merge] -- Reg Error: Key error. <br/>scrfile [config] -- "%1" <br/>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l <br/>scrfile [open] -- "%1" /S <br/>txtfile [edit] -- Reg Error: Key error. <br/>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 <br/>Directory [AddToPlaylistVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) <br/>Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) <br/>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Directory [PlayWithVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) <br/>Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) <br/>Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) <br/>Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) <br/>Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Folder [explore] -- Reg Error: Value error. <br/>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] <br/>batfile [open] -- "%1" %* <br/>cmdfile [open] -- "%1" %* <br/>comfile [open] -- "%1" %* <br/>cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) <br/>exefile [open] -- "%1" %* <br/>helpfile [open] -- Reg Error: Key error. <br/>htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" <br/>http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) <br/>https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) <br/>inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) <br/>piffile [open] -- "%1" %* <br/>regfile [merge] -- Reg Error: Key error. <br/>scrfile [config] -- "%1" <br/>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l <br/>scrfile [open] -- "%1" /S <br/>txtfile [edit] -- Reg Error: Key error. <br/>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 <br/>Directory [AddToPlaylistVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) <br/>Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) <br/>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Directory [PlayWithVLC] -- "F:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) <br/>Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) <br/>Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) <br/>Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) <br/>Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Folder [explore] -- Reg Error: Value error. <br/>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. <br/> <br/>[color=#E56717]========== Security Center Settings ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] <br/>"cval" = 1 <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] <br/>"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data] <br/>"AntiVirusOverride" = 0 <br/>"AntiSpywareOverride" = 0 <br/>"FirewallOverride" = 0 <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] <br/> <br/>[color=#E56717]========== Firewall Settings ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] <br/>"EnableFirewall" = 0 <br/>"DisableNotifications" = 0 <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] <br/>"EnableFirewall" = 0 <br/>"DisableNotifications" = 0 <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] <br/>"EnableFirewall" = 0 <br/>"DisableNotifications" = 0 <br/> <br/>[color=#E56717]========== Authorized Applications List ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] <br/> <br/>[color=#E56717]========== Vista Active Application Exception List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] <br/>"{12C3EE2A-3728-45C5-93CA-BCD21F2ACE7D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\fez\fez.exe | <br/>"{153A247F-F1C8-4F2D-975F-C0D2DA7EDD69}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | <br/>"{15FB98D6-06AD-4DFD-ADD8-22A54009424D}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe | <br/>"{1688A857-F6F8-4CA1-B095-76AFCF400AB5}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe | <br/>"{1C3DED2D-CAA2-4908-BD58-BB102734A536}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\tower wars\tw.exe | <br/>"{22240288-9DE6-4310-A8FC-8A03E41EE785}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | <br/>"{22EEE2EF-51BA-4995-8DC5-609A054962D9}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | <br/>"{24D77089-89B8-4371-8CAE-0EDA19333B74}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | <br/>"{29039712-5C46-4E93-9849-BB26E1DCE565}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe | <br/>"{30F23CDC-9F59-41DC-90FE-FA45A141AD3C}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe | <br/>"{322CE691-200A-4C83-8E19-1F1FB03A880C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\rush\rush.exe | <br/>"{3318E0E7-5AE1-4CC1-9CCE-18A99CC2F9E5}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\edge\edge.exe | <br/>"{335B3F61-91A0-4EDD-B27C-400734026446}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | <br/>"{3505E624-B2F0-4B99-A1CD-3AB1AEE5C8DE}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | <br/>"{3AFE22DA-26E7-4FB6-88DE-6843DF9C71D9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | <br/>"{3C7A1992-7657-4688-8C54-1DB229B081EC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | <br/>"{3F3A1522-8096-4B62-9CA1-86797C0A88BE}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe | <br/>"{3FB00AB4-BAAE-4BC5-9749-72AAC14E7D2B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | <br/>"{401E1DAC-97C1-4E56-A656-AFB192D196EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | <br/>"{41F81DD5-FBA5-46D8-A1D8-60DA83083AC3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | <br/>"{46F12682-9B9F-4DA4-B8FD-1E223CC7B0FF}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\symphony\symphony.exe | <br/>"{49168C0D-A7E6-4D88-A9FD-56552E6FDCB0}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe | <br/>"{4B00E989-8D9C-43BD-BB0A-87DF0D014315}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe | <br/>"{4E89B7F3-6E36-4342-9956-294EE6FD2C9E}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe | <br/>"{5E496E65-3451-43BE-A886-3CD9581AE265}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | <br/>"{5F76B6D0-7FDF-4E56-A876-F2A1EA4AB1A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | <br/>"{6146AEE6-30C3-467F-B176-A74D4941FDAF}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe | <br/>"{64D94B16-81BE-4954-9D70-6DB596B9C27D}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe | <br/>"{6A1809B1-52DD-4C4E-9C46-67F19EF9136C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe | <br/>"{6C0DEAFB-A1F2-4BA1-AF16-F5097C121EE3}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | <br/>"{6D33F9F6-B234-4DFA-8128-4ACC84A339C0}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\fez\fez.exe | <br/>"{76DEA8D5-8830-4AB6-89F9-57641040266D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe | <br/>"{78558D45-56DB-4FE1-BE95-D031AE49A195}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\evoland\evoland.exe | <br/>"{81D275D4-8464-467F-BCD2-C23EE2003950}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\tower wars\tw.exe | <br/>"{86E94D2A-CC3B-4B14-A630-1EE0DDF401F8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\edge\edge.exe | <br/>"{8D492F28-8597-46E0-BF6A-A98DECF508EC}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | <br/>"{8E7B8BE6-0FE9-4DBA-AA06-0704963C8C38}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | <br/>"{9674FAF9-BAA5-42C0-94D4-2771CF1ED3A9}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steam.exe | <br/>"{97921DDC-7802-4A76-9780-22F014D94DE8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | <br/>"{99A52DE8-0634-4012-A11B-C4DDDC019320}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | <br/>"{9A032F15-9287-4BFD-A115-9B3C2B6518BA}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | <br/>"{9B162E95-FA05-45F3-B37D-6CC4A33102F8}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steam.exe | <br/>"{A268B277-A705-4F9F-96BF-2988A5181447}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | <br/>"{A2A32B72-94C6-490E-A118-652427C905B4}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\unepic\unepic.exe | <br/>"{A9137125-0D86-4C45-9791-B3493E082BA9}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\puddle\launcher.exe | <br/>"{B13FEBA7-069C-4469-8C92-BD59C30F34FB}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe | <br/>"{B4DFB13A-C0B5-4B3D-A0E3-5EAD6E07185F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | <br/>"{B5DAC367-B552-4F88-9866-F69225727184}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe | <br/>"{B6DA1F37-BD39-4115-BE5D-E7DDB3E0195C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe | <br/>"{BC5A5A12-1DD6-457F-A4DF-210EB41D67ED}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\reus\reus.exe | <br/>"{BD109427-6D8A-4E37-ADDF-7D97BAC4AB3F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | <br/>"{BF70EEA1-F7DF-4D19-AD99-1B5747C2955D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe | <br/>"{D040CBD7-D056-4B57-A868-34044003486C}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe | <br/>"{D07AB8DB-80EC-4D12-8272-8221BA2C8389}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\puddle\launcher.exe | <br/>"{D297EC63-4ABF-40C8-85AB-CC219C5DDE5D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | <br/>"{D3198E6B-4F1F-4A63-8AD0-D37F7FA211F5}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\unepic\unepic.exe | <br/>"{D4911397-CCF6-4845-996E-00F0B9D75C9D}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe | <br/>"{D53B1FF1-D763-4D7C-A988-DECF697645F0}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\evoland\evoland.exe | <br/>"{D62E5690-F9E4-45BD-BCB3-FEF7823A008B}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe | <br/>"{DD14B513-8440-4DDD-888E-A37F4093AFBB}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\dust an elysian tail\dustaet.exe | <br/>"{DD4430F3-8F92-4574-AF0D-185D79971AEE}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\rush\rush.exe | <br/>"{DE07C913-0020-44C4-9D6F-499E5ABE1035}" = dir=in | app=c:\program files (x86)\common files\microsoft shared\xna\xnatrans\v3.0\xnatransx.exe | <br/>"{E04E425E-3E1F-4B0A-92FC-0D6CF5A67248}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\droid assault\droidassault.exe | <br/>"{E57FB69F-2718-4B75-8560-6DB7771A85B6}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe | <br/>"{E5932F65-92E1-4EAA-B1D4-F26E4B082DBD}" = protocol=17 | dir=in | app=f:\program files (x86)\utorrent.exe | <br/>"{E6A6007B-025A-4670-B23B-0F18A0989819}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | <br/>"{EE97921E-37EB-4777-BEAE-0D98A1736239}" = dir=in | app=c:\program files (x86)\microsoft xna\xna game studio\v4.0\bin\xnaliveproxy.exe | <br/>"{F685DD5B-28C0-4477-8EEB-631B6C7F7D77}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe | <br/>"{F716E5D4-6AC9-4164-87E4-C39A6AB652DB}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe | <br/>"{F7C1B3A8-307A-4798-AD9F-5A3E3747996F}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | <br/>"{FB0B69BC-5A2F-460F-A964-FA25708E04F0}" = protocol=6 | dir=in | app=f:\program files (x86)\utorrent.exe | <br/>"{FC065DD9-596B-49BB-9606-404390226077}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe | <br/>"{FCC531BF-D2E4-4DC4-87A2-4EC507DD5CAC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | <br/>"{FD87B617-D298-4294-A79B-2071D46935EA}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\symphony\symphony.exe | <br/>"{FD8AE7B9-6E34-448B-81A5-0E33A445D787}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\reus\reus.exe | <br/>"{FEEF1E54-2F34-4138-8C0B-F963EF52352C}" = protocol=17 | dir=in | app=f:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe | <br/>"{FF139F20-7F58-4C42-B095-BFF3A0288A3B}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe | <br/>"{FFE8D7EF-6912-4B5B-8D43-8CAA1EC83FDB}" = protocol=6 | dir=in | app=f:\program files (x86)\steam\steamapps\common\droid assault\droidassault.exe | <br/> <br/>[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes <br/>"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) <br/>"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client <br/>"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 <br/>"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables <br/>"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support <br/>"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 <br/>"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>"{6438A99C-A37E-4758-A0AE-95F8A63AAFF5}" = Intel(R) Network Connections 16.8.46.0 <br/>"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour <br/>"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) <br/>"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight <br/>"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended <br/>"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 <br/>"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 <br/>"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 <br/>"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 <br/>"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit) <br/>"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists <br/>"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 314.22 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.22 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.22 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1 <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application <br/>"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components <br/>"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU <br/>"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU <br/>"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile <br/>"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 <br/>"CCleaner" = CCleaner <br/>"GIMP-2_is1" = GIMP 2.8.4 <br/>"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile <br/>"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended <br/>"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 <br/>"NetBalancer_is1" = NetBalancer <br/>"PROSetDX" = Intel(R) Network Connections 16.8.46.0 <br/>"UDK-9b3ff701-46ad-4089-983f-3ca6133e0f55" = My Game Long Name <br/>"WinRAR archiver" = WinRAR 4.20 (64-bit) <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy) <br/>"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools <br/>"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components) <br/>"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU <br/>"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools <br/>"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 <br/>"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive <br/>"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver <br/>"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21 <br/>"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types <br/>"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 <br/>"{32A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21 <br/>"{39FC5346-05D2-44C0-B350-CC01A00ED9B4}" = AutoMe <br/>"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU <br/>"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology <br/>"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation <br/>"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support <br/>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater <br/>"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects <br/>"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU <br/>"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade <br/>"{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}" = Intel(R) Update Manager <br/>"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components <br/>"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists) <br/>"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Intel(R) Small Business Advantage <br/>"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable <br/>"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK <br/>"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable <br/>"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry) <br/>"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ <br/>"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update <br/>"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable <br/>"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX <br/>"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio) <br/>"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable <br/>"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 <br/>"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 <br/>"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 <br/>"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 <br/>"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 <br/>"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 <br/>"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 <br/>"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 <br/>"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 <br/>"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 <br/>"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 <br/>"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 <br/>"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 <br/>"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 <br/>"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 <br/>"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) <br/>"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting <br/>"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent <br/>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper <br/>"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7) <br/>"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 <br/>"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 <br/>"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack <br/>"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh <br/>"{E7597FFE-2C87-4939-89E6-38EF01C247DF}" = Intel(R) Integrator Toolkit 5 <br/>"{F01CBA59-B5BD-4608-A834-1CBE8C292A71}" = Intel(R) Desktop Utilities <br/>"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver <br/>"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center <br/>"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 <br/>"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin <br/>"ASIO4ALL" = ASIO4ALL <br/>"Audacity_is1" = Audacity 2.0.3 <br/>"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.1.6 <br/>"Battlelog Web Plugins" = Battlelog Web Plugins <br/>"ESN Sonar-0.70.4" = ESN Sonar <br/>"FL Studio 11" = FL Studio 11 <br/>"FlowStone" = FlowStone FL 3.0 <br/>"Fraps" = Fraps (remove only) <br/>"G-Force" = G-Force <br/>"Google Chrome" = Google Chrome <br/>"Hardcore" = Hardcore <br/>"IL Download Manager" = IL Download Manager <br/>"IL Shared Libraries" = IL Shared Libraries <br/>"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 <br/>"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU <br/>"MozillaMaintenanceService" = Mozilla Maintenance Service <br/>"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3 <br/>"NIS" = Norton Internet Security <br/>"Norton Utilities_is1" = Norton Utilities <br/>"NST" = Norton Identity Safe <br/>"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver <br/>"Office14.SingleImage" = Microsoft Office Home and Student 2010 <br/>"Ohmicide VST" = Ohm Force - Ohmicide VST <br/>"OpenAL" = OpenAL <br/>"Origin" = Origin <br/>"PoiZone" = PoiZone <br/>"Project 64_is1" = Project 64 version 2.1.0.1 <br/>"PunkBusterSvc" = PunkBuster Services <br/>"Sawer" = Sawer <br/>"Simple Shutdown Timer1.1.2" = Simple Shutdown Timer <br/>"Steam App 207750" = Symphony <br/>"Steam App 211260" = They Bleed Pixels <br/>"Steam App 214560" = Mark of the Ninja <br/>"Steam App 219200" = Droid Assault <br/>"Steam App 219890" = Antichamber <br/>"Steam App 220240" = Far Cry® 3 <br/>"Steam App 222140" = Puddle <br/>"Steam App 222730" = Reus <br/>"Steam App 224760" = FEZ <br/>"Steam App 230050" = DLC Quest <br/>"Steam App 233270" = Far Cry® 3 Blood Dragon <br/>"Steam App 233470" = Evoland <br/>"Steam App 233980" = Unepic <br/>"Steam App 236090" = Dust: An Elysian Tail <br/>"Steam App 38700" = Toki Tori <br/>"Steam App 38720" = RUSH <br/>"Steam App 38740" = EDGE <br/>"Steam App 49520" = Borderlands 2 <br/>"SynapseHydra_is1" = Hydra VSTi/DXi v1.2 <br/>"Toxic Biohazard" = Toxic Biohazard <br/>"Uplay" = Uplay <br/>"uTorrent" = µTorrent <br/>"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions <br/>"VirtualCloneDrive" = VirtualCloneDrive <br/>"VLC media player" = VLC media player 2.0.5 <br/>"Waves Diamond Bundle v5.2" = Waves Diamond Bundle v5.2 <br/>"Winamp" = Winamp <br/>"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0 <br/> <br/>[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] <br/> <br/>[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"101a9f93b8f0bb6f" = Curse Client <br/>"Winamp Detect" = Winamp Detector Plug-in <br/> <br/>[color=#E56717]========== Last 20 Event Log Errors ==========[/color] <br/> <br/>[ Application Events ] <br/>Error - 14/06/2013 5:56:23 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 14/06/2013 8:00:51 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 14/06/2013 9:32:22 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 14/06/2013 10:46:47 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 14/06/2013 11:02:48 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 14/06/2013 11:28:39 PM | Computer Name = Chris-PC | Source = NetBalancer 6.5.4 | ID = 0 <br/>Description = System.UnauthorizedAccessException: Access to the registry key 'HKEY_CLASSES_ROOT\CLSID\{12275AF4-E724-470c-8B28-9121FBD34B89}\InprocServer32' <br/> is denied. at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String <br/>str) at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck <br/> permissionCheck, RegistrySecurity registrySecurity) at fl.f[a](String a, a A) <br/> <br/>Error - 14/06/2013 11:47:58 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 15/06/2013 2:18:22 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 15/06/2013 2:32:18 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>Error - 15/06/2013 9:55:48 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10 <br/>Description = <br/> <br/>[ System Events ] <br/>Error - 15/06/2013 2:17:17 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The X5XSEx_Pr143 service failed to start due to the following error: <br/> %%3 <br/> <br/>Error - 15/06/2013 2:19:19 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038 <br/>Description = The nvUpdatusService service was unable to log on as .\UpdatusUser <br/> with the currently configured password due to the following error: %%1330 To ensure <br/> that the service is configured properly, use the Services snap-in in Microsoft <br/>Management Console (MMC). <br/> <br/>Error - 15/06/2013 2:19:19 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The NVIDIA Update Service Daemon service failed to start due to the <br/> following error: %%1069 <br/> <br/>Error - 15/06/2013 2:23:28 AM | Computer Name = Chris-PC | Source = VDS Basic Provider | ID = 33554433 <br/>Description = <br/> <br/>Error - 15/06/2013 2:31:13 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The X5XSEx_Pr143 service failed to start due to the following error: <br/> %%3 <br/> <br/>Error - 15/06/2013 2:33:16 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038 <br/>Description = The nvUpdatusService service was unable to log on as .\UpdatusUser <br/> with the currently configured password due to the following error: %%1330 To ensure <br/> that the service is configured properly, use the Services snap-in in Microsoft <br/>Management Console (MMC). <br/> <br/>Error - 15/06/2013 2:33:16 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The NVIDIA Update Service Daemon service failed to start due to the <br/> following error: %%1069 <br/> <br/>Error - 15/06/2013 9:54:39 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The X5XSEx_Pr143 service failed to start due to the following error: <br/> %%3 <br/> <br/>Error - 15/06/2013 9:56:41 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7038 <br/>Description = The nvUpdatusService service was unable to log on as .\UpdatusUser <br/> with the currently configured password due to the following error: %%1330 To ensure <br/> that the service is configured properly, use the Services snap-in in Microsoft <br/>Management Console (MMC). <br/> <br/>Error - 15/06/2013 9:56:41 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000 <br/>Description = The NVIDIA Update Service Daemon service failed to start due to the <br/> following error: %%1069 <br/> <br/> <br/>< End of report >
Posted 6/16/2013 9:05 AM
#95795
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Please dowload adwcleaner. <br/>http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner <br/>Double click on AdwCleaner.exe to run the tool. <br/>***Note: Windows Vista and Windows 7 users: <br/>Right click in the adwCleaner.exe and select – Run as admin <br/>Click Delete. <br/>Everything that was found will be deleted. <br/>Save any open files and approve the reboot. A text file will open after the restart. <br/> <br/>Next - <br/>Junkware Removal Tool by thisisu <br/>Download: http://www.bleepingcomputer.com/download/junkware-removal-tool/ <br/>Disable your Antivirus program if required <br/>For vista and windows 7 right click on the tool and select run as administrator <br/> <br/>After the scan is completed, post the generated log here, along with adwcleaner log.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/16/2013 9:18 AM
#95796
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br/>Junkware Removal Tool (JRT) by Thisisu <br/>Version: 4.9.4 (05.06.2013:1) <br/>OS: Windows 7 Ultimate N x64 <br/>Ran by Chris on Sun 16/06/2013 at 19:15:36.15 <br/>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br/> <br/> <br/> <br/> <br/>~~~ Services <br/> <br/> <br/> <br/>~~~ Registry Values <br/> <br/> <br/> <br/>~~~ Registry Keys <br/> <br/>Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim <br/>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim <br/> <br/> <br/> <br/>~~~ Files <br/> <br/> <br/> <br/>~~~ Folders <br/> <br/>Successfully deleted: [Folder] "C:\Program Files (x86)\splashtop" <br/> <br/> <br/> <br/>~~~ Chrome <br/> <br/>Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist <br/> <br/> <br/> <br/>~~~ Event Viewer Logs were cleared <br/> <br/> <br/> <br/> <br/> <br/>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br/>Scan was completed on Sun 16/06/2013 at 19:18:03.04 <br/>End of JRT log <br/>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br/> <br/> <br/> <br/> <br/># AdwCleaner v2.303 - Logfile created 06/16/2013 at 19:13:01 <br/># Updated 08/06/2013 by Xplode <br/># Operating system : Windows 7 Ultimate N Service Pack 1 (64 bits) <br/># User : Chris - CHRIS-PC <br/># Boot Mode : Normal <br/># Running from : F:\Users\Chris\Downloads\adwcleaner.exe <br/># Option [Delete] <br/> <br/> <br/>***** [Services] ***** <br/> <br/> <br/>***** [Files / Folders] ***** <br/> <br/>Folder Deleted : C:\ProgramData\Babylon <br/>Folder Deleted : C:\ProgramData\Free Ride Games <br/>Folder Deleted : C:\ProgramData\Tarma Installer <br/>Folder Deleted : C:\Users\Chris\AppData\Local\Bundled software uninstaller <br/>Folder Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci <br/>Folder Deleted : C:\Users\Chris\AppData\Roaming\Babylon <br/>Folder Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games <br/>Folder Deleted : C:\Windows\SysWOW64\WNLT <br/> <br/>***** [Registry] ***** <br/> <br/>Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider <br/>Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar <br/>Key Deleted : HKCU\Software\BabSolution <br/>Key Deleted : HKCU\Software\BI <br/>Key Deleted : HKCU\Software\DataMngr <br/>Key Deleted : HKCU\Software\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci <br/>Key Deleted : HKCU\Software\ImInstaller <br/>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} <br/>Key Deleted : HKLM\Software\Babylon <br/>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} <br/>Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap <br/>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1} <br/>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} <br/>Key Deleted : HKLM\Software\Conduit <br/>Key Deleted : HKLM\Software\DataMngr <br/>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44d07caa-4fc4-5a84-9951-a485ad808d0e} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} <br/>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} <br/>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} <br/>Key Deleted : HKLM\SOFTWARE\Tarma Installer <br/>Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] <br/> <br/>***** [Internet Browsers] ***** <br/> <br/>-\\ Internet Explorer v10.0.9200.16611 <br/> <br/>Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={F43E38D7-CF58-11E2-BE19-4C72B997E360} --> hxxp://www.google.com <br/> <br/>-\\ Google Chrome v27.0.1453.110 <br/> <br/>File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences <br/> <br/>[OK] File is clean. <br/> <br/>************************* <br/> <br/>AdwCleaner[S1].txt - [3137 octets] - [16/06/2013 19:13:01] <br/> <br/>########## EOF - C:\AdwCleaner[S1].txt - [3197 octets] ##########
Posted 6/16/2013 9:53 AM
#95797
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Next step..........</div> <br/> <br/> <br/> <br/><span lang="DA">Please download Combofix from: <br/> <br/>http://download.bleepingcomputer.com/sUBs/ComboFix.exe <br/> <br/> <br/><font face="Verdana"><span lang="EN-GB"> And save to the desktop. <br/> <br/>  <br/> <br/></font><font face="Arial">After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC: <br/> <br/>Exit all windows that are currently open on your computer. <br/> <br/>To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer. <br/> <br/> <br/> <br/></font><font face="Verdana"><span lang="X-NONE">  <br/> <br/><span lang="EN-GB">Double-click on the combofix icon found on your desktop. <br/> <br/>  <br/> <br/><b>Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. <br/>In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete. <br/> <br/></b> <br/> <br/> When finished, it will produce a logfile located at C:\combofix.txt. <br/> <br/>  <br/> <br/> <br/> <br/>Post the contents of that log in your next reply <br/> <br/> <br/> <br/><span lang="X-NONE">The logs will be reasonably large so you may have to divide them into sections and make several posts to post them. <br/> <br/> <br/></font>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/16/2013 10:17 AM
#95798
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Thank you so much for all you have done so far. <br/> <br/>Here is the Combofix log: <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/>ComboFix 13-06-15.01 - Chris 16/06/2013 20:06:46.1.4 - x64 <br/>Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.61.1033.18.8142.5868 [GMT 10:00] <br/>Running from: f:\users\Chris\Downloads\ComboFix.exe <br/>AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} <br/>FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} <br/>SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_ctypes.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_elementtree.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_hashlib.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_multiprocessing.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_socket.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\_ssl.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\pyexpat.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\pysqlite2._sqlite.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\python27.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\pythoncom27.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\PyWinTypes27.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\select.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\unicodedata.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32api.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32com.shell.shell.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32crypt.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32event.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32file.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32inet.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32pdh.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32process.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32profile.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32security.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\win32ts.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\windows._cacheinvalidation.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._controls_.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._core_.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._gdi_.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._html2.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._misc_.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._windows_.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wx._wizard.pyd <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxbase294u_net_vc90.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxbase294u_vc90.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_adv_vc90.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_core_vc90.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_html_vc90.dll <br/>c:\users\Chris\AppData\Local\Temp\_MEI30202\wxmsw294u_webview_vc90.dll <br/>c:\windows\SysWow64\frapsvid.dll <br/>G:\install.exe <br/>. <br/>. <br/>((((((((((((((((((((((((( Files Created from 2013-05-16 to 2013-06-16 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2013-06-16 10:10 . 2013-06-16 10:10 -------- d-----w- c:\users\matt\AppData\Local\temp <br/>2013-06-16 10:10 . 2013-06-16 10:10 -------- d-----w- c:\users\Default\AppData\Local\temp <br/>2013-06-16 09:15 . 2013-06-16 09:15 -------- d-----w- c:\windows\ERUNT <br/>2013-06-16 09:15 . 2013-06-16 09:15 -------- d-----w- C:\JRT <br/>2013-06-15 06:44 . 2013-06-15 06:44 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS <br/>2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files\Symantec <br/>2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files\Common Files\Symantec Shared <br/>2013-06-15 06:44 . 2013-06-16 09:14 -------- d-----w- c:\windows\system32\drivers\NISx64 <br/>2013-06-15 06:44 . 2013-06-15 06:44 -------- d-----w- c:\program files (x86)\Norton Internet Security <br/>2013-06-15 06:29 . 2013-06-15 06:29 -------- d-----w- c:\program files (x86)\Norton Identity Safe <br/>2013-06-15 06:29 . 2013-06-15 06:29 -------- d-----w- c:\windows\system32\drivers\NSTx64 <br/>2013-06-15 06:15 . 2013-06-15 06:17 -------- d-----w- c:\users\Chris\AppData\Roaming\Norton Utilities 14 <br/>2013-06-15 06:10 . 2008-04-02 05:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx <br/>2013-06-15 06:10 . 2008-04-02 05:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx <br/>2013-06-15 06:10 . 2008-04-02 05:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx <br/>2013-06-15 06:09 . 2013-06-15 06:09 -------- d-----w- c:\programdata\Norton Installer <br/>2013-06-15 06:08 . 2004-08-03 22:00 506368 ----a-w- c:\windows\SysWow64\msxml.dll <br/>2013-06-15 06:08 . 2013-06-15 06:31 -------- d-----w- c:\program files (x86)\Norton Utilities 14 <br/>2013-06-15 03:37 . 2013-06-15 03:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware <br/>2013-06-15 03:37 . 2013-04-04 04:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2013-06-14 12:58 . 2013-06-14 12:58 -------- d-----w- c:\program files\CCleaner <br/>2013-06-14 10:12 . 2013-06-16 09:14 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins <br/>2013-06-12 10:28 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys <br/>2013-06-12 10:23 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll <br/>2013-06-12 10:23 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll <br/>2013-06-12 10:23 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll <br/>2013-06-12 10:23 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll <br/>2013-06-12 10:23 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll <br/>2013-06-12 10:23 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll <br/>2013-06-12 10:22 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll <br/>2013-06-12 10:22 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll <br/>2013-06-12 10:22 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll <br/>2013-06-12 10:22 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll <br/>2013-06-12 10:22 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll <br/>2013-06-12 10:22 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll <br/>2013-06-12 10:22 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll <br/>2013-06-12 10:22 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe <br/>2013-06-12 10:22 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe <br/>2013-06-12 10:22 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll <br/>2013-06-12 10:22 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll <br/>2013-06-12 10:22 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll <br/>2013-06-10 10:45 . 2013-06-10 10:45 -------- d-----w- c:\users\Chris\AppData\Local\CRE <br/>2013-06-07 10:14 . 2013-06-07 10:14 -------- d-----w- c:\program files (x86)\Asoftech <br/>2013-06-07 10:08 . 2013-06-07 10:08 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll <br/>2013-06-07 10:08 . 2013-06-07 10:08 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll <br/>2013-06-07 10:08 . 2002-08-05 00:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll <br/>2013-06-07 10:08 . 2002-08-01 17:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe <br/>2013-06-07 10:08 . 2002-08-01 16:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll <br/>2013-06-07 10:08 . 2002-08-01 16:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll <br/>2013-06-07 10:08 . 2002-08-01 16:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll <br/>2013-06-07 09:46 . 2013-06-07 09:46 -------- d-----w- c:\users\Chris\AppData\Local\KSafe <br/>2013-06-07 09:45 . 2013-06-07 09:45 -------- d-----w- c:\users\Chris\AppData\Roaming\kingsoft <br/>2013-06-07 09:45 . 2013-06-07 09:47 -------- d-----w- c:\programdata\Kingsoft <br/>2013-06-07 09:45 . 2013-06-14 12:35 -------- d-----w- c:\program files (x86)\Kingsoft <br/>2013-06-07 08:47 . 2013-06-07 08:47 -------- d-----w- c:\users\Chris\AppData\Roaming\Malwarebytes <br/>2013-06-07 08:47 . 2013-06-07 08:47 -------- d-----w- c:\programdata\Malwarebytes <br/>2013-06-03 13:41 . 2013-06-03 13:41 -------- d-----w- c:\users\Chris\AppData\Roaming\asoftech <br/>2013-06-03 13:40 . 2013-06-07 09:43 -------- d-----w- c:\program files (x86)\MyPC Backup <br/>2013-06-03 13:39 . 2013-06-03 13:39 -------- d-----w- c:\windows\Sun <br/>2013-06-02 13:48 . 2013-06-02 14:02 -------- d-----w- c:\program files (x86)\Project64 2.1 <br/>2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\users\Chris\AppData\Roaming\Image-Line <br/>2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\program files\Image-Line <br/>2013-05-27 15:05 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm <br/>2013-05-27 15:05 . 2013-06-12 13:16 -------- d-----w- c:\users\Chris\AppData\Roaming\FlowStone <br/>2013-05-27 15:05 . 2013-05-27 15:05 -------- d-----w- c:\program files (x86)\DSPRobotics <br/>2013-05-27 12:46 . 2013-05-27 12:46 -------- d-----w- c:\program files (x86)\Common Files\digidesign <br/>2013-05-27 11:51 . 1999-12-17 00:13 86016 ----a-w- c:\windows\unvise32.exe <br/>2013-05-26 12:39 . 2013-05-26 12:39 -------- d-----w- c:\users\Chris\AppData\Roaming\NetBeans <br/>2013-05-26 12:39 . 2013-05-26 12:39 -------- d-----w- c:\users\Chris\AppData\Local\NetBeans <br/>2013-05-26 12:32 . 2013-05-26 12:35 -------- d-----w- c:\program files (x86)\NetBeans 7.3 <br/>2013-05-22 12:11 . 2013-06-16 09:14 -------- d-s---w- c:\users\Chris\Google Drive <br/>2013-05-21 14:27 . 2013-06-10 02:41 -------- d-----w- c:\users\Chris\jagexcache <br/>2013-05-18 07:28 . 2013-06-06 09:25 -------- d-----w- c:\users\Chris\AppData\Roaming\FAHClient <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2013-06-16 09:27 . 2013-02-25 10:43 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr <br/>2013-06-16 09:27 . 2013-02-25 10:41 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe <br/>2013-06-16 08:25 . 2013-02-25 10:41 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 <br/>2013-06-13 11:02 . 2013-02-25 01:33 75825640 ----a-w- c:\windows\system32\MRT.exe <br/>2013-06-12 01:12 . 2013-03-01 02:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe <br/>2013-06-12 01:12 . 2013-03-01 02:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-05-08 06:32 . 2013-05-08 06:32 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 61952 ----a-w- c:\windows\SysWow64\tdc.ocx <br/>2013-05-08 06:32 . 2013-05-08 06:32 523264 ----a-w- c:\windows\SysWow64\vbscript.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 38400 ----a-w- c:\windows\SysWow64\imgutil.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 361984 ----a-w- c:\windows\SysWow64\html.iec <br/>2013-05-08 06:32 . 2013-05-08 06:32 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 226304 ----a-w- c:\windows\system32\elshyph.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 185344 ----a-w- c:\windows\SysWow64\elshyph.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 158720 ----a-w- c:\windows\SysWow64\msls31.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl <br/>2013-05-08 06:32 . 2013-05-08 06:32 138752 ----a-w- c:\windows\SysWow64\wextract.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 12800 ----a-w- c:\windows\SysWow64\mshta.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 97280 ----a-w- c:\windows\system32\mshtmled.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 81408 ----a-w- c:\windows\system32\icardie.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 77312 ----a-w- c:\windows\system32\tdc.ocx <br/>2013-05-08 06:32 . 2013-05-08 06:32 762368 ----a-w- c:\windows\system32\ieapfltr.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 62976 ----a-w- c:\windows\system32\pngfilt.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 599552 ----a-w- c:\windows\system32\vbscript.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 52224 ----a-w- c:\windows\system32\msfeedsbs.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 51200 ----a-w- c:\windows\system32\imgutil.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 48640 ----a-w- c:\windows\system32\mshtmler.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 452096 ----a-w- c:\windows\system32\dxtmsft.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 441856 ----a-w- c:\windows\system32\html.iec <br/>2013-05-08 06:32 . 2013-05-08 06:32 281600 ----a-w- c:\windows\system32\dxtrans.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 27648 ----a-w- c:\windows\system32\licmgr10.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 270848 ----a-w- c:\windows\system32\iedkcs32.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 247296 ----a-w- c:\windows\system32\webcheck.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 235008 ----a-w- c:\windows\system32\url.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 216064 ----a-w- c:\windows\system32\msls31.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 197120 ----a-w- c:\windows\system32\msrating.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 173568 ----a-w- c:\windows\system32\ieUnatt.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 167424 ----a-w- c:\windows\system32\iexpress.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 1509376 ----a-w- c:\windows\system32\inetcpl.cpl <br/>2013-05-08 06:32 . 2013-05-08 06:32 149504 ----a-w- c:\windows\system32\occache.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 144896 ----a-w- c:\windows\system32\wextract.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 1400416 ----a-w- c:\windows\system32\ieapfltr.dat <br/>2013-05-08 06:32 . 2013-05-08 06:32 13824 ----a-w- c:\windows\system32\mshta.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 136192 ----a-w- c:\windows\system32\iepeers.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 135680 ----a-w- c:\windows\system32\IEAdvpack.dll <br/>2013-05-08 06:32 . 2013-05-08 06:32 12800 ----a-w- c:\windows\system32\msfeedssync.exe <br/>2013-05-08 06:32 . 2013-05-08 06:32 102912 ----a-w- c:\windows\system32\inseng.dll <br/>2013-05-04 11:53 . 2013-04-17 03:29 466456 ----a-w- c:\windows\system32\wrap_oal.dll <br/>2013-05-04 11:53 . 2013-04-17 03:29 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll <br/>2013-05-04 11:53 . 2013-04-17 03:29 122904 ----a-w- c:\windows\system32\OpenAL32.dll <br/>2013-05-04 11:53 . 2013-04-17 03:29 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll <br/>2013-04-28 02:33 . 2013-04-28 02:33 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys <br/>2013-04-13 05:49 . 2013-05-16 10:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll <br/>2013-04-13 05:49 . 2013-05-16 10:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll <br/>2013-04-13 05:49 . 2013-05-16 10:27 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll <br/>2013-04-13 05:49 . 2013-05-16 10:27 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll <br/>2013-04-13 04:45 . 2013-05-16 10:27 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll <br/>2013-04-13 04:45 . 2013-05-16 10:27 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll <br/>2013-04-12 14:45 . 2013-04-24 03:11 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys <br/>2013-04-10 06:01 . 2013-05-16 10:27 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys <br/>2013-04-10 06:01 . 2013-05-16 10:27 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys <br/>2013-04-10 03:30 . 2013-05-16 10:26 3153920 ----a-w- c:\windows\system32\win32k.sys <br/>2013-04-03 19:35 . 2013-03-19 08:29 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll <br/>2013-03-22 16:00 . 2013-03-21 11:00 190656 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll <br/>2013-03-19 08:29 . 2013-02-25 07:48 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll <br/>2013-03-19 08:29 . 2013-02-25 07:48 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll <br/>2013-03-19 06:04 . 2013-04-11 08:01 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe <br/>2013-03-19 05:53 . 2013-05-16 10:26 48640 ----a-w- c:\windows\system32\wwanprotdim.dll <br/>2013-03-19 05:53 . 2013-05-16 10:26 230400 ----a-w- c:\windows\system32\wwansvc.dll <br/>2013-03-19 05:46 . 2013-04-11 08:01 43520 ----a-w- c:\windows\system32\csrsrv.dll <br/>2013-03-19 05:04 . 2013-04-11 08:01 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe <br/>2013-03-19 05:04 . 2013-04-11 08:01 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe <br/>2013-03-19 04:47 . 2013-04-11 08:01 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll <br/>2013-03-19 03:06 . 2013-04-11 08:01 112640 ----a-w- c:\windows\system32\smss.exe <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-04-16 19662744] <br/>"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2009-12-09 645296] <br/>"NortonUtilities"="c:\program files (x86)\Norton Utilities 14\RMTray.exe" [2009-09-14 279912] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] <br/>"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-07 133400] <br/>"P17RunE"="P17RunE.dll" [2008-03-28 14848] <br/>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816] <br/>"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] <br/>"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440] <br/>"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752] <br/>"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-02-27 55520] <br/>"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608] <br/>"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] <br/>"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] <br/>"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] <br/>"ConsentPromptBehaviorAdmin"= 5 (0x5) <br/>"ConsentPromptBehaviorUser"= 3 (0x3) <br/>"EnableUIADesktopToggle"= 0 (0x0) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] <br/>"LoadAppInit_DLLs"=1 (0x1) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] <br/>"mixer3"=wdmaud.drv <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] <br/>@="" <br/>. <br/>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] <br/>R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] <br/>R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x] <br/>R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] <br/>R2 X5XSEx_Pr143;X5XSEx_Pr143;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x] <br/>R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] <br/>R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] <br/>R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] <br/>R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] <br/>R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] <br/>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] <br/>R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] <br/>R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] <br/>R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] <br/>R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] <br/>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] <br/>R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] <br/>S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] <br/>S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\SYMDS64.SYS [x] <br/>S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\SYMEFA64.SYS [x] <br/>S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [x] <br/>S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\ccHPx64.sys [x] <br/>S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DD03030.013\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DD03030.013\ccSetx64.sys [x] <br/>S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130614.001\IDSvia64.sys [x] <br/>S1 nbdrv;NetBalancer LightWeight Filter;c:\windows\system32\DRIVERS\nbdrv.sys;c:\windows\SYSNATIVE\DRIVERS\nbdrv.sys [x] <br/>S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1108000.005\Ironx64.SYS [x] <br/>S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1108000.005\SYMTDIV.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1108000.005\SYMTDIV.SYS [x] <br/>S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] <br/>S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x] <br/>S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] <br/>S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] <br/>S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe;c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe [x] <br/>S2 NetBalancerService;NetBalancerService;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe [x] <br/>S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [x] <br/>S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] <br/>S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] <br/>S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] <br/>S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] <br/>. <br/>. <br/>--- Other Services/Drivers In Memory --- <br/>. <br/>*NewlyCreated* - WS2IFSL <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] <br/>2013-06-14 13:22 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/>. <br/>2013-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job <br/>- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-01 01:12] <br/>. <br/>2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-25 07:18] <br/>. <br/>2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-25 07:18] <br/>. <br/>2013-06-16 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job <br/>- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 02:41] <br/>. <br/>2013-06-12 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job <br/>- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 02:41] <br/>. <br/>. <br/>--------- X64 Entries ----------- <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] <br/>@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" <br/>[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] <br/>2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] <br/>@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" <br/>[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] <br/>2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] <br/>@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" <br/>[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] <br/>2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] <br/>@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" <br/>[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] <br/>2013-04-16 06:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-13 13263072] <br/>. <br/>------- Supplementary Scan ------- <br/>. <br/>uLocal Page = c:\windows\system32\blank.htm <br/>uStart Page = hxxp://google.com/ <br/>mStart Page = hxxp://www.google.com <br/>mLocal Page = c:\windows\SysWOW64\blank.htm <br/>uInternet Settings,ProxyOverride = *.local <br/>IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 <br/>IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 <br/>Trusted Zone: clonewarsadventures.com <br/>Trusted Zone: freerealms.com <br/>Trusted Zone: soe.com <br/>Trusted Zone: sony.com <br/>TCP: DhcpNameServer = 10.0.0.138 <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>Wow6432Node-HKU-Default-Run-Exetender - c:\program files (x86)\Free Ride Games\GPlayer.exe <br/>HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start <br/>AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe <br/>. <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO] <br/>"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2013.3.3.19\diMaster.dll\" /prefetch:1" <br/>-- <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS] <br/>"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1" <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_USERS\S-1-5-21-2686758744-1141044052-442096660-1000\Software\SecuROM\License information*] <br/>"datasecu"=hex:9b,b1,49,0a,6f,9d,2f,a3,79,fd,90,91,31,e1,72,43,ae,31,c0,d0,19, <br/> fd,52,c8,80,64,ad,64,60,04,cf,b4,ec,17,7e,0f,dc,36,89,a4,d1,e4,c1,d5,15,56,\ <br/>"rkeysecu"=hex:1e,10,e8,4a,95,d3,6c,96,66,7e,4d,8e,f0,ca,f0,4e <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] <br/>@="?????????????????? v1" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] <br/>@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] <br/>@="?????????????????? v2" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] <br/>@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] <br/>"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, <br/> 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] <br/>@Denied: (A) (Everyone) <br/>"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] <br/>@Denied: (A) (Everyone) <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] <br/>"Key"="ActionsPane3" <br/>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>------------------------ Other Running Processes ------------------------ <br/>. <br/>c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>c:\windows\SysWOW64\PnkBstrA.exe <br/>. <br/>************************************************************************** <br/>. <br/>Completion time: 2013-06-16 20:12:26 - machine was rebooted <br/>ComboFix-quarantined-files.txt 2013-06-16 10:12 <br/>. <br/>Pre-Run: 24,633,856,000 bytes free <br/>Post-Run: 24,357,122,048 bytes free <br/>. <br/>- - End Of File - - 0135E00C35A3DEF5DA7D7969E8CAE478 <br/>D41D8CD98F00B204E9800998ECF8427E
Posted 6/17/2013 3:34 AM
#95802
User avatar

adalee Member

Date Joined Nov 2016
Total Posts: 1
That's looks so complexed.
Posted 6/17/2013 7:34 AM
#95805
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks clean to me, so please tell how things are running ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/17/2013 1:42 PM
#95807
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Yes, I can play online games again! YAY! <br/> <br/>What do you think it was? Is there something you would recommend I do to prevent this from happening again? <br/>Thank you so much again Touch. You have helped me twice now.
Posted 6/18/2013 7:41 AM
#95810
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
It seems to me, it was a mix of various infections and some Potentially unwanted program.</div> <br/> <br/> <br/><span class="hps">Potentially Unwanted Programs are not malware related, most antivirus or <br/>anti-malware program can not block it successfully, but PUP can also be <br/>prevented if you are careful enough when you surf online. <br/>Please pay <br/>special attention when you install program released by unknown <br/>authors; <br/>Choose custom installation or advanced installation instead of <br/>quick or recommended installation; <br/>Read carefully the terms and <br/>conditions before you agree to install. <br/><span class="hps"> <br/> <br/> <br/>Good luck and be secure <br/>online :smile:

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/19/2013 2:11 PM
#95815
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Even though at the time of my reply things were up to regular speed. They have since declined back to the slow state at the start of this whole thing. Is there anything else I may need to do to check to see if there are any Potentially Unwanted Programs?
Posted 6/20/2013 12:12 AM
#95823
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
We need to get a comprehensive report of what is present in your system.</div> <br/>Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe <br/>Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. <br/>Select All Users <br/>Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. <br/> <br/>When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. <br/> <br/>Post both logs

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/21/2013 7:50 AM
#95825
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Hey Touch, <br/> <br/>The OTL by Oldtimer would only provide a OTL.Txt file when finished. No Extras.Txt was given. <br/> <br/> <br/> <br/> <br/>OTL logfile created on: 21/06/2013 5:46:01 PM - Run 4 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Chris\Downloads <br/>64bit- Ultimate Edition N Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.10.9200.16614) <br/>Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy <br/> <br/>7.95 Gb Total Physical Memory | 5.44 Gb Available Physical Memory | 68.46% Memory free <br/>19.87 Gb Paging File | 17.06 Gb Available in Paging File | 85.86% Paging File free <br/>Paging file location(s): g:\pagefile.sys 12211 12211 [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) <br/>Drive C: | 119.14 Gb Total Space | 24.95 Gb Free Space | 20.94% Space Free | Partition Type: NTFS <br/>Drive F: | 232.88 Gb Total Space | 100.55 Gb Free Space | 43.18% Space Free | Partition Type: NTFS <br/>Drive G: | 698.54 Gb Total Space | 457.69 Gb Free Space | 65.52% Space Free | Partition Type: NTFS <br/> <br/>Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator. <br/>Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans <br/>Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Processes (SafeList) ==========[/color] <br/> <br/>PRC - [2013/06/21 17:45:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Chris\Downloads\OTL (1).exe <br/>PRC - [2013/06/18 22:09:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe <br/>PRC - [2013/06/15 11:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <br/>PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe <br/>PRC - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>PRC - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>PRC - [2012/06/29 01:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe <br/>PRC - [2012/02/27 12:02:16 | 004,243,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe <br/>PRC - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe <br/>PRC - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>PRC - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>PRC - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe <br/>PRC - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe <br/>PRC - [2012/01/27 03:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>PRC - [2011/08/04 14:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe <br/>PRC - [2009/11/29 01:09:32 | 000,092,848 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe <br/>PRC - [2009/09/14 10:53:32 | 000,279,912 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 14\RMTray.exe <br/> <br/> <br/>[color=#E56717]========== Modules (No Company Name) ==========[/color] <br/> <br/>MOD - [2013/06/21 17:19:57 | 001,175,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._core_.pyd <br/>MOD - [2013/06/21 17:19:57 | 001,153,024 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_ssl.pyd <br/>MOD - [2013/06/21 17:19:57 | 001,062,400 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._controls_.pyd <br/>MOD - [2013/06/21 17:19:57 | 001,022,416 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\windows._cacheinvalidation.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,811,008 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._windows_.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,805,888 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._gdi_.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,735,232 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._misc_.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,711,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_hashlib.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,686,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\unicodedata.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,557,056 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pysqlite2._sqlite.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,364,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pythoncom27.dll <br/>MOD - [2013/06/21 17:19:57 | 000,320,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32com.shell.shell.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,128,512 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_elementtree.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,127,488 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\pyexpat.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,122,368 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._wizard.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,119,808 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32file.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,110,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\PyWinTypes27.dll <br/>MOD - [2013/06/21 17:19:57 | 000,108,544 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32security.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,098,816 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32api.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,087,040 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_ctypes.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,070,656 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\wx._html2.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,044,032 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_socket.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,038,912 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32inet.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,035,840 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32process.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,026,624 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\_multiprocessing.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,025,600 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32pdh.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,022,528 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32ts.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,018,432 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32event.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,017,408 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32profile.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,011,264 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\win32crypt.pyd <br/>MOD - [2013/06/21 17:19:57 | 000,010,240 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\_MEI35482\select.pyd <br/>MOD - [2013/06/18 16:17:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b6eb138c3c9be780acb767c1bef572c1\System.Runtime.Remoting.ni.dll <br/>MOD - [2013/06/15 11:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll <br/>MOD - [2013/06/15 11:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll <br/>MOD - [2013/06/15 11:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll <br/>MOD - [2013/06/15 11:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll <br/>MOD - [2013/06/15 11:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll <br/>MOD - [2013/05/17 08:32:49 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5b0667dad44a1069048497e7f4ae6f12\System.Management.Instrumentation.ni.dll <br/>MOD - [2013/05/17 08:31:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll <br/>MOD - [2013/05/17 08:11:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll <br/>MOD - [2013/05/17 08:11:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll <br/>MOD - [2013/05/17 08:11:01 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll <br/>MOD - [2013/05/17 08:10:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll <br/>MOD - [2013/05/17 08:10:53 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\23673bbebe3c0ca7c894e614bb3ffd1a\System.Security.ni.dll <br/>MOD - [2013/05/17 08:10:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll <br/>MOD - [2013/03/17 13:12:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll <br/>MOD - [2013/03/17 13:12:39 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll <br/>MOD - [2013/03/17 13:12:39 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll <br/>MOD - [2013/03/17 02:05:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll <br/>MOD - [2013/03/17 02:05:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll <br/>MOD - [2013/03/17 02:05:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll <br/>MOD - [2013/03/17 02:05:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll <br/>MOD - [2013/03/17 02:05:19 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll <br/>MOD - [2013/03/17 02:05:17 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll <br/>MOD - [2013/03/17 02:05:14 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll <br/>MOD - [2013/03/17 02:05:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll <br/>MOD - [2013/03/17 02:05:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll <br/>MOD - [2013/01/28 12:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll <br/>MOD - [2013/01/28 12:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll <br/>MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll <br/>MOD - [2012/02/27 12:02:14 | 000,215,264 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll <br/>MOD - [2012/02/27 12:02:10 | 000,051,424 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll <br/> <br/> <br/>[color=#E56717]========== Services (SafeList) ==========[/color] <br/> <br/>SRV:64bit: - [2013/03/25 20:06:36 | 000,010,752 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService) <br/>SRV:64bit: - [2012/02/02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) <br/>SRV:64bit: - [2011/11/09 16:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R) <br/>SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) <br/>SRV:64bit: - [2009/07/14 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) <br/>SRV - [2013/06/18 22:09:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) <br/>SRV - [2013/06/12 11:12:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) <br/>SRV - [2013/06/07 08:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) <br/>SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO) <br/>SRV - [2013/05/12 08:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) <br/>SRV - [2013/05/10 17:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) <br/>SRV - [2013/04/17 13:29:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) <br/>SRV - [2013/03/15 15:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) <br/>SRV - [2013/03/14 21:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) <br/>SRV - [2012/02/27 12:01:00 | 000,049,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (Intel(R) <br/>SRV - [2012/02/07 20:05:04 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) <br/>SRV - [2012/02/07 20:05:04 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) <br/>SRV - [2012/02/07 20:04:54 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) <br/>SRV - [2012/02/07 20:04:44 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) <br/>SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) <br/>SRV - [2011/08/04 14:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS) <br/>SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) <br/>SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) <br/> <br/> <br/>[color=#E56717]========== Driver Services (SafeList) ==========[/color] <br/> <br/>DRV:64bit: - [2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) <br/>DRV:64bit: - [2013/04/16 12:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST) <br/>DRV:64bit: - [2013/01/17 00:39:12 | 000,041,392 | ---- | M] (SeriousBit) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (nbdrv) <br/>DRV:64bit: - [2012/12/19 15:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) <br/>DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) <br/>DRV:64bit: - [2012/08/24 00:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) <br/>DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) <br/>DRV:64bit: - [2012/08/24 00:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) <br/>DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) <br/>DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) <br/>DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) <br/>DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) <br/>DRV:64bit: - [2012/01/27 03:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) <br/>DRV:64bit: - [2012/01/11 12:32:28 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) <br/>DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) <br/>DRV:64bit: - [2011/08/22 12:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys -- (SYMTDIv) <br/>DRV:64bit: - [2011/08/22 12:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys -- (SymEFA) <br/>DRV:64bit: - [2011/08/04 14:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys -- (ccHP) <br/>DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) <br/>DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) <br/>DRV:64bit: - [2011/01/16 02:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) <br/>DRV:64bit: - [2010/12/17 08:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) <br/>DRV:64bit: - [2010/11/21 13:24:16 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) <br/>DRV:64bit: - [2010/11/21 13:24:16 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) <br/>DRV:64bit: - [2010/11/21 13:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) <br/>DRV:64bit: - [2010/11/21 13:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) <br/>DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys -- (SymIRON) <br/>DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys -- (SRTSP) <br/>DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys -- (SRTSPX) <br/>DRV:64bit: - [2009/10/16 16:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17) <br/>DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) <br/>DRV:64bit: - [2009/08/30 10:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys -- (SymDS) <br/>DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) <br/>DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) <br/>DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) <br/>DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) <br/>DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) <br/>DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) <br/>DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) <br/>DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) <br/>DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) <br/>DRV - [2013/06/15 18:26:01 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130620.023\ex64.sys -- (NAVEX15) <br/>DRV - [2013/06/15 18:26:01 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) <br/>DRV - [2013/06/15 18:26:01 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) <br/>DRV - [2013/06/15 18:26:01 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130620.023\eng64.sys -- (NAVENG) <br/>DRV - [2013/06/14 14:20:38 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130620.001\IDSviA64.sys -- (IDSVia64) <br/>DRV - [2013/05/31 17:15:28 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64) <br/>DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE:64bit: - HKLM\..\SearchScopes,DefaultScope = <br/>IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com <br/>IE - HKLM\..\SearchScopes,DefaultScope = <br/>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC <br/> <br/> <br/>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/>IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = <br/> <br/>IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = <br/> <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 23 01 3F 28 13 CE 01 [binary data] <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..\SearchScopes,DefaultScope = <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/>IE - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local <br/> <br/>[color=#E56717]========== FireFox ==========[/color] <br/> <br/>FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 <br/>FF - user.js - File not found <br/> <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () <br/>FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) <br/>FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) <br/>FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: File not found <br/>FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN) <br/>FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) <br/>FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) <br/> <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\ <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2013/06/17 17:21:51 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2013/06/21 17:19:57 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins <br/> <br/>[2013/06/03 23:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions <br/>[2013/05/09 21:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions <br/>[2013/06/16 21:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions <br/>[2013/06/16 21:55:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} <br/> <br/>[color=#E56717]========== Chrome ==========[/color] <br/> <br/>CHR - default_search_provider: Google (Enabled) <br/>CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} <br/>CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, <br/>CHR - homepage: http://www.google.com/ <br/>CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll <br/>CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer <br/>CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll <br/>CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll <br/>CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll <br/>CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL <br/>CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL <br/>CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll <br/>CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll <br/>CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll <br/>CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll <br/>CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll <br/>CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll <br/>CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll <br/>CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll <br/>CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll <br/>CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll <br/>CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll <br/>CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll <br/>CHR - plugin: VLC Web Plugin (Enabled) = F:\Program Files (x86)\VLC\npvlc.dll <br/>CHR - Extension: Theme Creator = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\ <br/>CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ <br/>CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ <br/>CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ <br/>CHR - Extension: Slinky Elegant = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_0\ <br/>CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ <br/>CHR - Extension: KB SSL Enforcer = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0\ <br/>CHR - Extension: AdBlock = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\ <br/>CHR - Extension: FVD Video Downloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.2.1_0\ <br/>CHR - Extension: Reload All Tabs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\ <br/>CHR - Extension: MuteTab = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\ <br/>CHR - Extension: ScriptSafe = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0\ <br/>CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ <br/> <br/>O1 HOSTS File: ([2013/06/16 20:11:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts <br/>O1 - Hosts: 127.0.0.1 localhost <br/>O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation) <br/>O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll (Symantec Corporation) <br/>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) <br/>O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) <br/>O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation) <br/>O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) <br/>O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) <br/>O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.) <br/>O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) <br/>O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) <br/>O4 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000..\Run: [NortonUtilities] C:\Program Files (x86)\Norton Utilities 14\RMTray.exe (Symantec Corporation) <br/>O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 <br/>O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O13 - gopher Prefix: missing <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: soe.com ([]* in Trusted sites) <br/>O15 - HKU\S-1-5-21-2686758744-1141044052-442096660-1000\..Trusted Domains: sony.com ([]* in Trusted sites) <br/>O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (Reg Error: Key error.) <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA30882D-7DFF-4007-9B30-C4C94A292333}: DhcpNameServer = 10.0.0.138 <br/>O18:64bit: - Protocol\Handler\ms-help - No CLSID value found <br/>O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) <br/>O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O32 - HKLM CDRom: AutoRun - 1 <br/>O34 - HKLM BootExecute: (autocheck autochk *) <br/>O35:64bit: - HKLM\..comfile [open] -- "%1" %* <br/>O35:64bit: - HKLM\..exefile [open] -- "%1" %* <br/>O35 - HKLM\..comfile [open] -- "%1" %* <br/>O35 - HKLM\..exefile [open] -- "%1" %* <br/>O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O37 - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37 - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) <br/>O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) <br/> <br/>[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] <br/> <br/>[2013/06/19 22:34:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Temporary Projects <br/>[2013/06/18 22:31:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ESN Sonar <br/>[2013/06/18 20:44:46 | 000,169,048 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys <br/>[2013/06/18 20:44:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A <br/>[2013/06/17 17:30:52 | 000,000,000 | ---D | C] -- f:\Users\Chris\Documents\BFBC2 <br/>[2013/06/17 02:12:45 | 000,593,544 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.sys <br/>[2013/06/17 02:12:45 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.sys <br/>[2013/06/17 02:12:45 | 000,451,704 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symtdiv.sys <br/>[2013/06/17 02:12:45 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.sys <br/>[2013/06/17 02:12:45 | 000,221,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.sys <br/>[2013/06/17 02:12:45 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ironx64.sys <br/>[2013/06/17 02:12:45 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.sys <br/>[2013/06/17 02:12:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C <br/>[2013/06/16 23:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome <br/>[2013/06/16 21:56:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Macromedia <br/>[2013/06/16 21:55:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Mozilla <br/>[2013/06/16 20:12:27 | 000,000,000 | ---D | C] -- C:\Windows\temp <br/>[2013/06/16 20:11:10 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN <br/>[2013/06/16 20:05:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe <br/>[2013/06/16 20:05:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe <br/>[2013/06/16 20:05:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe <br/>[2013/06/16 20:05:48 | 000,000,000 | ---D | C] -- C:\Qoobox <br/>[2013/06/16 20:05:42 | 000,000,000 | ---D | C] -- C:\Windows\erdnt <br/>[2013/06/16 19:15:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT <br/>[2013/06/16 19:15:26 | 000,000,000 | ---D | C] -- C:\JRT <br/>[2013/06/15 17:16:07 | 000,000,000 | ---D | C] -- f:\Users\Chris\Desktop\Logs <br/>[2013/06/15 16:44:28 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS <br/>[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared <br/>[2013/06/15 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec <br/>[2013/06/15 16:44:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64 <br/>[2013/06/15 16:44:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security <br/>[2013/06/15 16:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security <br/>[2013/06/15 16:29:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe <br/>[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64 <br/>[2013/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe <br/>[2013/06/15 16:20:06 | 000,000,000 | ---D | C] -- C:\Windows\pss <br/>[2013/06/15 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Norton Utilities 14 <br/>[2013/06/15 16:10:29 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx <br/>[2013/06/15 16:10:29 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx <br/>[2013/06/15 16:10:29 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx <br/>[2013/06/15 16:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer <br/>[2013/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP <br/>[2013/06/15 16:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 14 <br/>[2013/06/15 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 14 <br/>[2013/06/15 13:37:52 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys <br/>[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware <br/>[2013/06/15 13:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>[2013/06/14 22:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner <br/>[2013/06/14 22:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner <br/>[2013/06/14 20:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins <br/>[2013/06/10 20:45:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE <br/>[2013/06/10 20:33:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\jagexcache1 <br/>[2013/06/07 20:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMe <br/>[2013/06/07 20:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asoftech <br/>[2013/06/07 19:46:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\KSafe <br/>[2013/06/07 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\kingsoft <br/>[2013/06/07 19:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft <br/>[2013/06/07 19:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft <br/>[2013/06/07 18:47:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes <br/>[2013/06/07 18:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes <br/>[2013/06/03 23:41:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\asoftech <br/>[2013/06/03 23:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup <br/>[2013/06/03 23:39:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun <br/>[2013/06/02 23:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0 <br/>[2013/06/02 23:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 2.1 <br/>[2013/05/28 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Image-Line <br/>[2013/05/28 01:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line <br/>[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FlowStone <br/>[2013/05/28 01:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics <br/>[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line <br/>[2013/05/27 22:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\digidesign <br/>[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves <br/>[2013/05/27 22:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves <br/>[2013/05/27 22:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio <br/>[2013/05/27 21:51:56 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe <br/>[2013/05/27 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ohm Force <br/>[2013/05/27 17:59:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents <br/>[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\NetBeans <br/>[2013/05/26 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\NetBeans <br/>[2013/05/26 22:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans <br/>[2013/05/26 22:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.3 <br/>[2013/05/22 22:11:15 | 000,000,000 | --SD | C] -- C:\Users\Chris\Google Drive <br/>[2013/05/22 22:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive <br/>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] <br/> <br/>[2013/06/21 17:33:06 | 000,000,024 | ---- | M] () -- C:\Users\Chris\random.dat <br/>[2013/06/21 17:32:53 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk <br/>[2013/06/21 17:32:53 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job <br/>[2013/06/21 17:30:04 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat <br/>[2013/06/21 17:27:01 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/06/21 17:27:01 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/06/21 17:24:06 | 000,792,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI <br/>[2013/06/21 17:24:06 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat <br/>[2013/06/21 17:24:06 | 000,129,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat <br/>[2013/06/21 17:19:57 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job <br/>[2013/06/21 17:19:57 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job <br/>[2013/06/21 17:19:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat <br/>[2013/06/21 17:19:51 | 2108,153,855 | -HS- | M] () -- C:\hiberfil.sys <br/>[2013/06/20 23:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job <br/>[2013/06/20 19:57:27 | 001,836,222 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB <br/>[2013/06/19 22:53:44 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr <br/>[2013/06/19 22:53:44 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe <br/>[2013/06/19 22:53:20 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 <br/>[2013/06/19 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job <br/>[2013/06/18 22:09:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe <br/>[2013/06/18 00:53:50 | 000,777,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI <br/>[2013/06/17 17:21:47 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk <br/>[2013/06/17 17:21:47 | 000,002,279 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk <br/>[2013/06/16 21:55:16 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk <br/>[2013/06/16 20:11:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts <br/>[2013/06/15 18:13:38 | 000,000,222 | ---- | M] () -- f:\Users\Chris\Desktop\Unepic.url <br/>[2013/06/15 16:44:28 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS <br/>[2013/06/15 16:44:28 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT <br/>[2013/06/15 16:44:28 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF <br/>[2013/06/15 16:21:56 | 000,003,072 | ---- | M] () -- C:\Windows\SysWow64\Cache.db <br/>[2013/06/15 16:10:33 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities.lnk <br/>[2013/06/15 13:37:53 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>[2013/06/14 22:58:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/06/13 21:56:13 | 001,024,000 | ---- | M] () -- f:\Users\Chris\Desktop\PROF_SAVE_body <br/>[2013/06/10 20:33:37 | 000,000,045 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>[2013/06/07 20:14:57 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\AutoMe.lnk <br/>[2013/06/07 17:49:05 | 000,362,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT <br/>[2013/06/04 01:12:30 | 000,001,351 | ---- | M] () -- f:\Users\Chris\Documents\AutoHotkey.ahk <br/>[2013/06/01 02:01:49 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat <br/>[2013/05/31 11:50:15 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\isolate.ini <br/>[2013/05/28 21:14:41 | 000,000,202 | ---- | M] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url <br/>[2013/05/28 01:06:01 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk <br/>[2013/05/26 22:33:43 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk <br/>[2013/05/24 00:51:07 | 000,010,866 | ---- | M] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3 <br/>[2013/05/24 00:40:05 | 015,862,944 | ---- | M] () -- f:\Users\Chris\Desktop\Level 1.wav <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | M] () -- C:\Users\Chris\Google Drive - Shortcut.lnk <br/>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files Created - No Company Name ==========[/color] <br/> <br/>[2013/06/18 22:07:55 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe <br/>[2013/06/18 22:07:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe <br/>[2013/06/18 20:44:44 | 000,007,667 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.cat <br/>[2013/06/18 20:44:44 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.inf <br/>[2013/06/18 20:44:44 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\isolate.ini <br/>[2013/06/17 17:21:40 | 001,836,222 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Cat.DB <br/>[2013/06/17 02:12:45 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnetv64.cat <br/>[2013/06/17 02:12:45 | 000,007,448 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.cat <br/>[2013/06/17 02:12:45 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.cat <br/>[2013/06/17 02:12:45 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.cat <br/>[2013/06/17 02:12:45 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds64.cat <br/>[2013/06/17 02:12:45 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\iron.cat <br/>[2013/06/17 02:12:45 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnet64.cat <br/>[2013/06/17 02:12:45 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa.inf <br/>[2013/06/17 02:12:45 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symds.inf <br/>[2013/06/17 02:12:45 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\cchpx64.inf <br/>[2013/06/17 02:12:45 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnetv.inf <br/>[2013/06/17 02:12:45 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symnet.inf <br/>[2013/06/17 02:12:45 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtsp64.inf <br/>[2013/06/17 02:12:45 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\srtspx64.inf <br/>[2013/06/17 02:12:45 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\iron.inf <br/>[2013/06/17 02:12:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\symefa64.cat <br/>[2013/06/17 02:12:41 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\isolate.ini <br/>[2013/06/16 23:57:18 | 000,002,279 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk <br/>[2013/06/16 23:57:18 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk <br/>[2013/06/16 21:55:16 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk <br/>[2013/06/16 21:55:16 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk <br/>[2013/06/16 20:05:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe <br/>[2013/06/16 20:05:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe <br/>[2013/06/16 20:05:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe <br/>[2013/06/16 20:05:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe <br/>[2013/06/16 20:05:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe <br/>[2013/06/15 18:13:38 | 000,000,222 | ---- | C] () -- f:\Users\Chris\Desktop\Unepic.url <br/>[2013/06/15 16:44:28 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT <br/>[2013/06/15 16:44:28 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk <br/>[2013/06/15 16:44:28 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF <br/>[2013/06/15 16:17:45 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Cache.db <br/>[2013/06/15 16:09:02 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities.lnk <br/>[2013/06/15 13:37:53 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>[2013/06/14 22:58:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/06/10 20:33:37 | 000,000,045 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>[2013/06/07 20:14:57 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\AutoMe.lnk <br/>[2013/06/04 01:12:30 | 000,001,351 | ---- | C] () -- f:\Users\Chris\Documents\AutoHotkey.ahk <br/>[2013/05/28 21:14:41 | 000,000,202 | ---- | C] () -- f:\Users\Chris\Desktop\Dust An Elysian Tail.url <br/>[2013/05/28 01:06:01 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk <br/>[2013/05/28 01:05:43 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk <br/>[2013/05/26 22:33:43 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk <br/>[2013/05/24 00:51:07 | 000,010,866 | ---- | C] () -- f:\Users\Chris\Desktop\Shotgun Fire.mp3 <br/>[2013/05/24 00:39:58 | 015,862,944 | ---- | C] () -- f:\Users\Chris\Desktop\Level 1.wav <br/>[2013/05/22 22:11:31 | 000,000,973 | ---- | C] () -- f:\Users\Chris\Desktop\GoogleDrive.lnk <br/>[2013/05/22 22:11:23 | 000,000,973 | ---- | C] () -- C:\Users\Chris\Google Drive - Shortcut.lnk <br/>[2013/05/22 01:14:29 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_oldschool_LIVE.dat <br/>[2013/05/22 00:27:55 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat <br/>[2013/05/22 00:27:55 | 000,000,024 | ---- | C] () -- C:\Users\Chris\random.dat <br/>[2013/05/09 21:53:13 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat <br/>[2013/04/25 14:55:30 | 000,021,764 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel <br/>[2013/04/17 13:28:35 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL <br/>[2013/04/17 13:28:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL <br/>[2013/04/17 13:28:33 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini <br/>[2013/04/17 13:28:33 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini <br/>[2013/04/17 13:28:33 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini <br/>[2013/02/28 19:52:57 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat <br/>[2013/02/28 19:51:50 | 000,777,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI <br/>[2013/02/27 13:37:05 | 000,000,641 | ---- | C] () -- C:\Users\Chris\Downloads - Shortcut.lnk <br/>[2013/02/25 20:41:09 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe <br/>[2012/07/03 06:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll <br/>[2012/02/03 13:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll <br/>[2012/02/02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll <br/> <br/>[color=#E56717]========== ZeroAccess Check ==========[/color] <br/> <br/>[2009/07/14 15:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 <br/> <br/>[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 15:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Apartment <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] <br/>"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Apartment <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Free <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] <br/>"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 13:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Free <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 <br/>"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) <br/>"ThreadingModel" = Both <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] <br/> <br/>[color=#E56717]========== LOP Check ==========[/color] <br/> <br/>[2013/03/19 18:11:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft <br/>[2013/06/03 23:41:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\asoftech <br/>[2013/05/24 00:51:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Audacity <br/>[2013/03/12 23:10:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Beat Hazard <br/>[2013/05/09 22:00:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Best Video Converter <br/>[2013/04/07 16:01:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.shirogames.evoland <br/>[2013/04/26 02:16:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.ynab.YNAB4.LiveCaptive <br/>[2013/03/17 22:24:49 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\Common <br/>[2013/04/05 08:56:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Curse Advertising <br/>[2013/04/06 23:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DisplayFusion <br/>[2013/06/13 22:15:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dropbox <br/>[2013/04/18 22:46:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Empty Clip Studios <br/>[2013/03/13 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\EuroTalk <br/>[2013/06/06 19:25:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FAHClient <br/>[2013/05/04 21:54:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FEZ <br/>[2013/06/20 21:07:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FlowStone <br/>[2013/03/29 17:17:53 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hardcore <br/>[2013/05/28 01:05:45 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Image-Line <br/>[2013/06/07 19:45:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\kingsoft <br/>[2013/06/18 23:17:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mumble <br/>[2013/05/26 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\NetBeans <br/>[2013/06/07 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin <br/>[2013/04/13 12:40:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Publish Providers <br/>[2013/04/16 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\raidcall <br/>[2013/05/09 20:53:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony <br/>[2013/04/17 02:56:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony Creative Software Inc <br/>[2013/05/06 00:28:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SoundSpectrum <br/>[2013/02/26 19:29:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Spearit <br/>[2013/03/31 18:26:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Thunderbird <br/>[2013/02/25 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software <br/>[2013/06/14 22:59:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent <br/> <br/>[color=#E56717]========== Purity Check ==========[/color] <br/> <br/> <br/> <br/>[color=#E56717]========== Alternate Data Streams ==========[/color] <br/> <br/>@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:D287FACF <br/> <br/>< End of report >
Posted 6/22/2013 1:07 PM
#95829
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
I can´s see any infections, I´ll therefore suggest you run the following script, written by:[color="#0066cc">Arun] <br/> Microsoft MVP <br/> <br/> <br/><span class="usertitle">1.It Cleans up all temp files from C drive <br/> 2. Removes all log files from C drive <br/> 3. Runs Defrag on C drive - first consolidates the free space and then defrags and then again consolidates free space. <br/>4.Checking System File Integrity[/color] <br/> <br/> <br/> <br/> <br/><span class="usertitle">Pasting the below in bold for your reference. You can copy it into Notepad and press CTRL+S. In the filetype, select "all filetypes *.*" and give it a name with .bat extension. <br/>Such as clean.bat <br/> <br/> <br/> <br/><b>[color="#008000">@ECHO] CLS <br/> C: <br/> CD \ <br/> <br/> ECHO WARNING: Do not use the X button to close. Press CTRL+C To Abort and press Y to close... <br/> <br/> ECHO Removing all temp files from C: drive <br/> Del *.tmp /s /Q <br/> Del *.temp /s /Q <br/> <br/> ECHO Removing all log Files from C: drive <br/> Del *.log /s /Q <br/> <br/> CLS <br/> <br/> REM Defragmenting C: drive <br/> ECHO Defragmenting C drive... Press CTRL+C To Abort and press Y to close... <br/> defrag c: /h /x <br/> <br/> REM Checking System File Integrity <br/> ECHO Checking System File Integrity... Press CTRL+C To Abort and press Y to close... <br/> SFC /SCANNOW <br/> Pause <br/> CLS <br/> <br/> exit[/color] <br/>[color="#008000"> <br/>[/color]</b> <br/> <br/> <br/>[color="#008000">[/b] <br/><font]Reboot when done, and tell if there are any improvements ?[/color] <br/><span class="usertitle"> <br/> <br/><b> <br/> <br/> <br/> <br/></b>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/23/2013 1:03 AM
#95830
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
I followed your instructions above. Any time I use a google search it still takes a very prolonged amount of time to complete a search.
Posted 6/24/2013 7:03 AM
#95834
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Try to reset IE settings, as described here:</div>http://support.microsoft.com/kb/923737/en-us

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/24/2013 10:10 AM
#95835
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
I have reset the IE settings and it is still occurring. I use Chrome primarily and whenever I use Google search it slows down. Whenever I play on-line games it oscillates heavily as well.
Posted 6/24/2013 11:16 PM
#95839
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
That´s odd. Try deactivate Norton from msconfig, as described here:</div>http://www.netsquirrel.com/msconfig/

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/25/2013 11:04 AM
#95840
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
I have deactivated Norton entirely before and there has not been a change. It doesn't seem to be my internet provider, as my mobile phone connects to my wireless and it works fine. <br/>I'm starting to think the only thing I can do is a refresh install of OS?
Posted 6/25/2013 12:16 PM
#95841
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Yes, it could end with an reinstall of windows, before you do I´ll suggest you download and run Farbar service scanner:</div> <br/>http://www.bleepingcomputer.com/download/farbar-service-scanner/ <br/> <br/> <br/>Put a checkmark next to: <br/> <br/><span lang="ZH">Internet Services <br/>Windows Firewall <br/>Other services <br/> <br/> <br/> <br/>Click Scan. <br/> <br/> <br/> <br/>it will produce a log log (FSS.txt). Please post it in next reply.............. <br/> <br/><span lang="DA">

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/25/2013 12:45 PM
#95842
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
I hope I don't have to :) <br/> <br/>Farbar Service Scanner Version: 16-06-2013 <br/>Ran by Chris (administrator) on 25-06-2013 at 22:45:12 <br/>Running from "F:\Users\Chris\Downloads" <br/>Windows 7 Ultimate N Service Pack 1 (X64) <br/>Boot Mode: Normal <br/>**************************************************************** <br/> <br/>Internet Services: <br/>============ <br/> <br/>Connection Status: <br/>============== <br/>Localhost is accessible. <br/>LAN connected. <br/>Google IP is accessible. <br/>Google.com is accessible. <br/>Yahoo.com is accessible. <br/> <br/> <br/>Windows Firewall: <br/>============= <br/> <br/>Firewall Disabled Policy: <br/>================== <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] <br/>"EnableFirewall"=DWORD:0 <br/> <br/> <br/>Other Services: <br/>============== <br/> <br/> <br/>File Check: <br/>======== <br/>C:\Windows\System32\nsisvc.dll => MD5 is legit <br/>C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit <br/>C:\Windows\System32\dhcpcore.dll => MD5 is legit <br/>C:\Windows\System32\drivers\afd.sys => MD5 is legit <br/>C:\Windows\System32\drivers\tdx.sys => MD5 is legit <br/>C:\Windows\System32\Drivers\tcpip.sys <br/>[2013-06-12 20:28] - [2013-05-08 16:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE <br/> <br/>C:\Windows\System32\dnsrslvr.dll => MD5 is legit <br/>C:\Windows\System32\mpssvc.dll => MD5 is legit <br/>C:\Windows\System32\bfe.dll => MD5 is legit <br/>C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit <br/>C:\Windows\System32\ipnathlp.dll => MD5 is legit <br/>C:\Windows\System32\iphlpsvc.dll => MD5 is legit <br/>C:\Windows\System32\svchost.exe => MD5 is legit <br/>C:\Windows\System32\rpcss.dll => MD5 is legit <br/> <br/> <br/>**** End of log ****
Posted 6/26/2013 8:14 AM
#95845
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
It looks fine to me, but run the following scanner that is good at finding hidden infections.</div> <br/> <br/> <br/>For 32 bit Windows: <br/>http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ <br/> <br/>Save it to Desktop <br/><span class="hps"> <br/>For 64 bit Windows: <br/>http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ <br/> <br/>Save it to Desktop <br/> <br/> <br/> <br/><span class="hps">When viable Recovery Scan Tool is started, click Scan. <br/>Frst will let you know when the scan is finished, and has written FRST.txt to file, then close this message, then type the following in the search box: <br/>services.exe <br/>Press the search button <br/>When the search is complete, the search.txt also written to your USB <br/>Type exit and restart the computer normally <br/> <br/>Copy and paste both logs in your reply. (FRST.txt and Search.txt)

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/26/2013 12:57 PM
#95846
User avatar

Steelstring13 Valued member

Date Joined Nov 2016
Total Posts: 14
Alright cool, here they are: <br/> <br/> <br/> <br/>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 02 <br/>Ran by Chris (administrator) on 26-06-2013 22:54:44 <br/>Running from F:\Users\Chris\Downloads <br/>Windows 7 Ultimate N Service Pack 1 (X64) OS Language: English(US) <br/>Internet Explorer Version 10 <br/>Boot Mode: Normal <br/> <br/>==================== Processes (Whitelisted) ================= <br/> <br/>(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe <br/>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe <br/>() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe <br/>(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe <br/>(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe <br/>() C:\Windows\SysWOW64\PnkBstrA.exe <br/>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe <br/>(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe <br/>(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe <br/>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <br/>(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe <br/>(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe <br/>(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe <br/> <br/>==================== Registry (Whitelisted) ================== <br/> <br/>HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13263072 2012-12-13] (Realtek Semiconductor) <br/>HKCU\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google) <br/>HKCU\...\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" [645296 2009-12-09] (Binary Fortress Software) <br/>HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [133400 2012-02-07] (Intel Corporation) <br/>HKLM-x32\...\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry [x] <br/>HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) <br/>HKLM-x32\...\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60 [4243168 2012-02-27] (Intel Corporation) <br/>HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-01-27] (Intel Corporation) <br/>HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-05] (Adobe Systems Incorporated) <br/>HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) <br/>HKU\UpdatusUser\...\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" [645296 2009-12-09] (Binary Fortress Software) <br/> <br/>==================== Internet (Whitelisted) ==================== <br/> <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch <br/>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com <br/>SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = <br/>DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} <br/>Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 <br/> <br/>FireFox: <br/>======== <br/>FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\2z1f4210.default <br/>FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () <br/>FF Plugin: @microsoft.com/GENUINE - disabled No File <br/>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () <br/>FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () <br/>FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) <br/>FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) <br/>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) <br/>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) <br/>FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) <br/>FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF Plugin-x32: @microsoft.com/GENUINE - disabled No File <br/>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) <br/>FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) <br/>FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) <br/>FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN) <br/>FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) <br/>FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} <br/> <br/>Chrome: <br/>======= <br/>CHR HomePage: hxxp://www.google.com/ <br/>CHR RestoreOnStartup: "hxxp://www.facebook.com/", "https://www.google.com.au/" <br/>CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} <br/>CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} <br/>CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () <br/>CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer <br/>CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () <br/>CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll () <br/>CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) <br/>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) <br/>CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) <br/>CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) <br/>CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) <br/>CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) <br/>CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) <br/>CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) <br/>CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) <br/>CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) <br/>CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () <br/>CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () <br/>CHR Plugin: (VLC Web Plugin) - F:\Program Files (x86)\VLC\npvlc.dll (VideoLAN) <br/>CHR Extension: (Theme Creator) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0 <br/>CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 <br/>CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 <br/>CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 <br/>CHR Extension: (Slinky Elegant) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_0 <br/>CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 <br/>CHR Extension: (KB SSL Enforcer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof\2.0.0_0 <br/>CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0 <br/>CHR Extension: (Reload All Tabs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0 <br/>CHR Extension: (ScriptSafe) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.13_0 <br/>CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 <br/> <br/>==================== Services (Whitelisted) ================= <br/> <br/>R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] () <br/>R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation) <br/>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation) <br/>R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-25] () <br/>S2 Intel(R) Capability Licensing Service Interface; "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [x] <br/> <br/>==================== Drivers (Whitelisted) ==================== <br/> <br/>S3 catchme; \??\C:\ComboFix\catchme.sys [x] <br/>S3 VGPU; System32\drivers\rdvgkmd.sys [x] <br/>S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x] <br/> <br/>==================== NetSvcs (Whitelisted) =================== <br/> <br/> <br/>==================== One Month Created Files and Folders ======== <br/> <br/>2013-06-26 22:54 - 2013-06-26 22:54 - 00000000 ____D C:\FRST <br/>2013-06-25 20:58 - 2013-06-25 21:03 - 00000000 ____D C:\ProgramData\SecTaskMan <br/>2013-06-25 20:58 - 2013-06-25 20:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager <br/>2013-06-25 00:04 - 2013-06-25 21:05 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe <br/>2013-06-25 00:04 - 2013-06-25 00:18 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe <br/>2013-06-24 23:54 - 2013-06-24 23:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Origin <br/>2013-06-24 23:46 - 2013-06-25 22:57 - 00000000 ____D C:\Program Files (x86)\Origin <br/>2013-06-24 23:46 - 2013-06-24 23:46 - 00000979 ____A C:\Users\Public\Desktop\Origin.lnk <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\Local\Google <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Google <br/>2013-06-24 19:07 - 2013-06-24 19:07 - 00001407 ____A C:\Users\Chris\AppData\Local\recently-used.xbel <br/>2013-06-24 19:03 - 2013-06-24 19:03 - 00000000 ____D C:\Users\Chris\AppData\Local\gtk-2.0 <br/>2013-06-24 18:58 - 2013-06-24 19:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\XamarinStudio-4.0 <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\stetic <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Local\XamarinStudio-4.0 <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Mono for Android <br/>2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\ProgramData\Monodoc <br/>2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 <br/>2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\Xamarin Studio <br/>2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\MonoDevelop <br/>2013-06-24 18:46 - 2013-06-24 19:00 - 00000000 ____D C:\Users\Chris\.android <br/>2013-06-24 18:46 - 2013-06-24 18:46 - 00000000 ____D C:\Program Files (x86)\GtkSharp <br/>2013-06-24 18:44 - 2013-06-24 18:44 - 00000000 ____D C:\Program Files\Android <br/>2013-06-24 18:42 - 2013-06-24 18:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Android <br/>2013-06-24 17:50 - 2013-06-24 19:32 - 00000000 ____D C:\Users\Chris\AppData\Local\Xamarin <br/>2013-06-24 17:49 - 2013-06-26 11:54 - 00471472 ____A C:\Windows\PFRO.log <br/>2013-06-24 17:15 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Package Cache <br/>2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP <br/>2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Users\Chris\AppData\Local\2K Games <br/>2013-06-23 15:26 - 2013-06-26 00:08 - 00035026 ____A C:\Windows\DirectX.log <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll <br/>2013-06-23 11:01 - 2013-06-26 22:24 - 00001904 ____A C:\Windows\setupact.log <br/>2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Windows\setuperr.log <br/>2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Users\Chris\agent.log <br/>2013-06-18 22:31 - 2013-06-18 22:31 - 00000000 ____D C:\Users\Chris\AppData\Local\ESN Sonar <br/>2013-06-16 23:57 - 2013-06-21 17:32 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk <br/>2013-06-16 21:56 - 2013-06-16 21:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Macromedia <br/>2013-06-16 21:55 - 2013-06-16 21:55 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk <br/>2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla <br/>2013-06-16 20:12 - 2013-06-16 20:12 - 00032620 ____A C:\ComboFix.txt <br/>2013-06-16 20:05 - 2013-06-16 20:12 - 00000000 ___AD C:\Qoobox <br/>2013-06-16 20:05 - 2013-06-16 20:11 - 00000000 ____D C:\Windows\erdnt <br/>2013-06-16 20:05 - 2011-06-26 16:45 - 00256000 ____A C:\Windows\PEV.exe <br/>2013-06-16 20:05 - 2010-11-08 03:20 - 00208896 ____A C:\Windows\MBR.exe <br/>2013-06-16 20:05 - 2009-04-20 14:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe <br/>2013-06-16 20:05 - 2000-08-31 10:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe <br/>2013-06-16 20:05 - 2000-08-31 10:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe <br/>2013-06-16 20:05 - 2000-08-31 10:00 - 00098816 ____A C:\Windows\sed.exe <br/>2013-06-16 20:05 - 2000-08-31 10:00 - 00080412 ____A C:\Windows\grep.exe <br/>2013-06-16 20:05 - 2000-08-31 10:00 - 00068096 ____A C:\Windows\zip.exe <br/>2013-06-16 19:18 - 2013-06-16 19:18 - 00000984 ____A C:\Users\Chris\Desktop\JRT.txt <br/>2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\Windows\ERUNT <br/>2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\JRT <br/>2013-06-16 19:13 - 2013-06-16 19:13 - 00003258 ____A C:\AdwCleaner[S1].txt <br/>2013-06-16 01:43 - 2013-06-09 00:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll <br/>2013-06-16 01:43 - 2013-06-09 00:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll <br/>2013-06-16 01:43 - 2013-06-09 00:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll <br/>2013-06-16 01:43 - 2013-06-09 00:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll <br/>2013-06-16 01:43 - 2013-06-09 00:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll <br/>2013-06-16 01:43 - 2013-06-08 22:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb <br/>2013-06-16 01:43 - 2013-06-08 21:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll <br/>2013-06-16 01:43 - 2013-06-08 21:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll <br/>2013-06-16 01:43 - 2013-06-08 21:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll <br/>2013-06-16 01:43 - 2013-06-08 21:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll <br/>2013-06-16 01:43 - 2013-06-08 21:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll <br/>2013-06-16 01:43 - 2013-06-08 21:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb <br/>2013-06-15 16:20 - 2013-06-15 16:20 - 00000000 ____D C:\Windows\pss <br/>2013-06-15 16:17 - 2013-06-15 16:21 - 00003072 ____A C:\Windows\SysWOW64\Cache.db <br/>2013-06-15 16:15 - 2013-06-23 10:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Norton Utilities 14 <br/>2013-06-15 16:08 - 2013-06-25 23:57 - 00000000 ____D C:\Program Files (x86)\Norton Utilities 14 <br/>2013-06-15 13:37 - 2013-06-15 13:37 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>2013-06-15 13:37 - 2013-06-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2013-06-15 13:37 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys <br/>2013-06-14 22:58 - 2013-06-14 22:58 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk <br/>2013-06-14 22:58 - 2013-06-14 22:58 - 00000000 ____D C:\Program Files\CCleaner <br/>2013-06-14 20:12 - 2013-06-23 21:26 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll <br/>2013-06-13 00:42 - 2013-05-17 11:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll <br/>2013-06-13 00:42 - 2013-05-17 10:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll <br/>2013-06-13 00:42 - 2013-05-17 10:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll <br/>2013-06-13 00:42 - 2013-05-17 10:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll <br/>2013-06-13 00:42 - 2013-05-14 22:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe <br/>2013-06-13 00:42 - 2013-05-14 18:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe <br/>2013-06-12 20:28 - 2013-05-08 16:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys <br/>2013-06-12 20:23 - 2013-05-10 15:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll <br/>2013-06-12 20:23 - 2013-05-10 13:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll <br/>2013-06-12 20:23 - 2013-04-26 15:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll <br/>2013-06-12 20:23 - 2013-04-26 14:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll <br/>2013-06-12 20:23 - 2013-04-17 17:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll <br/>2013-06-12 20:23 - 2013-04-17 16:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll <br/>2013-06-12 20:22 - 2013-05-13 15:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll <br/>2013-06-12 20:22 - 2013-05-13 15:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll <br/>2013-06-12 20:22 - 2013-05-13 15:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll <br/>2013-06-12 20:22 - 2013-05-13 15:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll <br/>2013-06-12 20:22 - 2013-05-13 14:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll <br/>2013-06-12 20:22 - 2013-05-13 14:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll <br/>2013-06-12 20:22 - 2013-05-13 14:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll <br/>2013-06-12 20:22 - 2013-05-13 13:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe <br/>2013-06-12 20:22 - 2013-05-13 13:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe <br/>2013-06-12 20:22 - 2013-05-13 13:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll <br/>2013-06-12 20:22 - 2013-04-26 09:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll <br/>2013-06-12 20:22 - 2013-04-01 08:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll <br/>2013-06-10 20:45 - 2013-06-10 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\CRE <br/>2013-06-10 20:33 - 2013-06-10 22:20 - 00000000 ____D C:\Users\Chris\jagexcache1 <br/>2013-06-10 20:33 - 2013-06-10 20:33 - 00000045 ____A C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>2013-06-07 19:46 - 2013-06-07 19:46 - 00000000 ____D C:\Users\Chris\AppData\Local\KSafe <br/>2013-06-07 19:45 - 2013-06-14 22:35 - 00000000 ____D C:\Program Files (x86)\Kingsoft <br/>2013-06-07 19:45 - 2013-06-07 19:47 - 00000000 ____D C:\ProgramData\Kingsoft <br/>2013-06-07 19:45 - 2013-06-07 19:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\kingsoft <br/>2013-06-07 19:39 - 2013-06-07 19:39 - 00879112 ____A (shockingsoft.com ) C:\Users\Chris\Downloads\AutoClickerShocker-Setup.exe <br/>2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Malwarebytes <br/>2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes <br/>2013-06-03 23:41 - 2013-06-03 23:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech <br/>2013-06-03 23:40 - 2013-06-07 19:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup <br/>2013-06-03 23:40 - 2013-06-03 23:40 - 02823016 ____A (Asoftech, Inc ) C:\Users\Chris\Downloads\autome.exe <br/>2013-06-03 23:39 - 2013-06-03 23:39 - 00000000 ____D C:\Windows\Sun <br/>2013-06-02 23:48 - 2013-06-03 00:02 - 00000000 ____D C:\Program Files (x86)\Project64 2.1 <br/>2013-05-28 01:06 - 2013-05-28 01:06 - 00002040 ____A C:\Users\Public\Desktop\FL Studio 11.lnk <br/>2013-05-28 01:05 - 2013-06-26 22:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FlowStone <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Image-Line <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files\Image-Line <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files (x86)\DSPRobotics <br/>2013-05-28 01:05 - 2009-09-15 19:14 - 01554944 ____A (HMS http://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm <br/>2013-05-27 21:51 - 1999-12-17 10:13 - 00086016 ____A (MindVision Software) C:\Windows\unvise32.exe <br/>2013-05-27 17:59 - 2013-05-27 17:59 - 00000000 ____D C:\Users\Chris\Documents\NeocoreGames <br/> <br/>==================== One Month Modified Files and Folders ======= <br/> <br/>2013-06-26 22:54 - 2013-06-26 22:54 - 00000000 ____D C:\FRST <br/>2013-06-26 22:31 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FlowStone <br/>2013-06-26 22:29 - 2013-02-25 17:18 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>2013-06-26 22:25 - 2009-07-14 15:12 - 00793720 ____A C:\Windows\System32\PerfStringBackup.INI <br/>2013-06-26 22:24 - 2013-06-23 11:01 - 00001904 ____A C:\Windows\setupact.log <br/>2013-06-26 22:22 - 2009-07-14 14:50 - 00020304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>2013-06-26 22:22 - 2009-07-14 14:50 - 00020304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>2013-06-26 22:19 - 2013-02-25 10:50 - 01544424 ____A C:\Windows\WindowsUpdate.log <br/>2013-06-26 22:15 - 2013-05-22 22:11 - 00000000 ___SD C:\Users\Chris\Google Drive <br/>2013-06-26 22:15 - 2013-02-25 17:18 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>2013-06-26 22:15 - 2013-02-25 10:57 - 00000828 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job <br/>2013-06-26 22:15 - 2013-02-25 10:55 - 00000000 ____D C:\ProgramData\NVIDIA <br/>2013-06-26 22:15 - 2009-07-14 15:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT <br/>2013-06-26 16:11 - 2013-03-01 12:21 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job <br/>2013-06-26 11:54 - 2013-06-24 17:49 - 00471472 ____A C:\Windows\PFRO.log <br/>2013-06-26 11:54 - 2013-02-28 19:39 - 00000000 ____D C:\ProgramData\Norton <br/>2013-06-26 00:08 - 2013-06-23 15:26 - 00035026 ____A C:\Windows\DirectX.log <br/>2013-06-25 23:57 - 2013-06-15 16:08 - 00000000 ____D C:\Program Files (x86)\Norton Utilities 14 <br/>2013-06-25 23:08 - 2013-05-22 00:27 - 00000024 ____A C:\Users\Chris\random.dat <br/>2013-06-25 23:04 - 2013-05-22 00:27 - 00000044 ____A C:\Users\Chris\jagex_cl_runescape_LIVE.dat <br/>2013-06-25 22:57 - 2013-06-24 23:46 - 00000000 ____D C:\Program Files (x86)\Origin <br/>2013-06-25 22:37 - 2013-02-25 20:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc <br/>2013-06-25 21:05 - 2013-06-25 00:04 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe <br/>2013-06-25 21:05 - 2013-02-25 20:43 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr <br/>2013-06-25 21:03 - 2013-06-25 20:58 - 00000000 ____D C:\ProgramData\SecTaskMan <br/>2013-06-25 21:03 - 2013-02-25 20:41 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.ex0 <br/>2013-06-25 20:58 - 2013-06-25 20:58 - 00000000 ____D C:\Program Files (x86)\Security Task Manager <br/>2013-06-25 20:52 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\System32\NDF <br/>2013-06-25 00:18 - 2013-06-25 00:04 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe <br/>2013-06-24 23:57 - 2013-02-28 22:33 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps <br/>2013-06-24 23:56 - 2013-06-24 23:54 - 00000000 ____D C:\Users\Chris\AppData\Local\Origin <br/>2013-06-24 23:54 - 2013-02-25 17:34 - 00000000 ____D C:\ProgramData\Origin <br/>2013-06-24 23:46 - 2013-06-24 23:46 - 00000979 ____A C:\Users\Public\Desktop\Origin.lnk <br/>2013-06-24 23:43 - 2013-04-13 12:37 - 00000000 ____D C:\ProgramData\Sony <br/>2013-06-24 23:43 - 2013-03-03 20:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information <br/>2013-06-24 23:43 - 2013-02-25 17:18 - 00000000 ____D C:\Users\Chris\AppData\Local\Deployment <br/>2013-06-24 23:40 - 2013-06-23 15:27 - 00000000 ____D C:\Users\Chris\AppData\Local\2K Games <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default\AppData\Local\Google <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle <br/>2013-06-24 22:38 - 2013-06-24 22:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Google <br/>2013-06-24 20:13 - 2013-02-25 22:26 - 00000000 ____D C:\Users\Chris\AppData\Roaming\uTorrent <br/>2013-06-24 19:32 - 2013-06-24 17:50 - 00000000 ____D C:\Users\Chris\AppData\Local\Xamarin <br/>2013-06-24 19:07 - 2013-06-24 19:07 - 00001407 ____A C:\Users\Chris\AppData\Local\recently-used.xbel <br/>2013-06-24 19:03 - 2013-06-24 19:03 - 00000000 ____D C:\Users\Chris\AppData\Local\gtk-2.0 <br/>2013-06-24 19:00 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\XamarinStudio-4.0 <br/>2013-06-24 19:00 - 2013-06-24 18:46 - 00000000 ____D C:\Users\Chris\.android <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\stetic <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\Users\Chris\AppData\Local\XamarinStudio-4.0 <br/>2013-06-24 18:58 - 2013-06-24 18:58 - 00000000 ____D C:\ProgramData\Mono for Android <br/>2013-06-24 18:58 - 2013-06-24 17:15 - 00000000 ____D C:\ProgramData\Package Cache <br/>2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\ProgramData\Monodoc <br/>2013-06-24 18:53 - 2013-06-24 18:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 <br/>2013-06-24 18:53 - 2009-07-14 15:38 - 00000000 ____D C:\Program Files (x86)\MSBuild <br/>2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\Xamarin Studio <br/>2013-06-24 18:49 - 2013-06-24 18:49 - 00000000 ____D C:\Program Files (x86)\MonoDevelop <br/>2013-06-24 18:46 - 2013-06-24 18:46 - 00000000 ____D C:\Program Files (x86)\GtkSharp <br/>2013-06-24 18:46 - 2013-02-25 10:51 - 00000000 ____D C:\users\Chris <br/>2013-06-24 18:44 - 2013-06-24 18:44 - 00000000 ____D C:\Program Files\Android <br/>2013-06-24 18:42 - 2013-06-24 18:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Android <br/>2013-06-24 17:53 - 2013-03-19 18:29 - 00000000 ____D C:\Program Files (x86)\Java <br/>2013-06-24 17:32 - 2013-02-28 19:51 - 00777586 ____A C:\Windows\SysWOW64\PerfStringBackup.INI <br/>2013-06-24 00:03 - 2013-03-29 23:12 - 00000000 ____D C:\Users\Chris\.gimp-2.8 <br/>2013-06-23 21:26 - 2013-06-14 20:12 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins <br/>2013-06-23 15:27 - 2013-06-23 15:27 - 00000000 ____D C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe <br/>2013-06-23 13:06 - 2013-06-23 13:06 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll <br/>2013-06-23 13:06 - 2013-02-25 17:48 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll <br/>2013-06-23 13:06 - 2013-02-25 17:48 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll <br/>2013-06-23 11:41 - 2013-02-25 10:57 - 00000830 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job <br/>2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Windows\setuperr.log <br/>2013-06-23 11:01 - 2013-06-23 11:01 - 00000000 ____A C:\Users\Chris\agent.log <br/>2013-06-23 10:58 - 2013-06-15 16:15 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Norton Utilities 14 <br/>2013-06-23 10:58 - 2013-05-09 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox <br/>2013-06-23 10:58 - 2013-04-24 16:40 - 00000000 ____D C:\Users\Chris\AppData\Local\Warframe <br/>2013-06-23 10:58 - 2013-04-13 12:31 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Sony <br/>2013-06-23 10:58 - 2013-03-25 16:40 - 00000000 ____D C:\Program Files (x86)\VirtualDJ <br/>2013-06-23 10:58 - 2013-03-19 00:12 - 00000000 ____D C:\Users\Chris\AppData\Roaming\.minecraft <br/>2013-06-23 10:58 - 2013-02-26 02:37 - 00000000 ____D C:\Windows\Panther <br/>2013-06-23 10:58 - 2013-02-25 10:53 - 00000000 ____D C:\Program Files (x86)\Realtek <br/>2013-06-23 10:58 - 2013-02-25 10:51 - 00000000 ____D C:\TempEI4 <br/>2013-06-23 10:58 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\System32\Msdtc <br/>2013-06-21 17:32 - 2013-06-16 23:57 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk <br/>2013-06-18 23:17 - 2013-03-30 00:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Mumble <br/>2013-06-18 22:31 - 2013-06-18 22:31 - 00000000 ____D C:\Users\Chris\AppData\Local\ESN Sonar <br/>2013-06-17 17:30 - 2013-02-25 18:08 - 00000000 ____D C:\Users\Chris\AppData\Local\PunkBuster <br/>2013-06-16 23:57 - 2013-02-25 17:18 - 00000000 ____D C:\Users\Chris\AppData\Local\Google <br/>2013-06-16 23:57 - 2013-02-25 17:18 - 00000000 ____D C:\Program Files (x86)\Google <br/>2013-06-16 22:29 - 2013-03-31 18:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service <br/>2013-06-16 21:56 - 2013-06-16 21:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Macromedia <br/>2013-06-16 21:55 - 2013-06-16 21:55 - 00001147 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk <br/>2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla <br/>2013-06-16 21:55 - 2013-03-31 18:26 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Mozilla <br/>2013-06-16 20:13 - 2013-02-25 13:13 - 00000000 ____D C:\Users\Chris\AppData\Local\Apps\2.0 <br/>2013-06-16 20:12 - 2013-06-16 20:12 - 00032620 ____A C:\ComboFix.txt <br/>2013-06-16 20:12 - 2013-06-16 20:05 - 00000000 ___AD C:\Qoobox <br/>2013-06-16 20:11 - 2013-06-16 20:05 - 00000000 ____D C:\Windows\erdnt <br/>2013-06-16 20:11 - 2009-07-14 12:34 - 00000215 ____A C:\Windows\system.ini <br/>2013-06-16 20:02 - 2013-02-27 12:17 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Winamp <br/>2013-06-16 19:18 - 2013-06-16 19:18 - 00000984 ____A C:\Users\Chris\Desktop\JRT.txt <br/>2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\Windows\ERUNT <br/>2013-06-16 19:15 - 2013-06-16 19:15 - 00000000 ____D C:\JRT <br/>2013-06-16 19:13 - 2013-06-16 19:13 - 00003258 ____A C:\AdwCleaner[S1].txt <br/>2013-06-15 17:11 - 2013-02-25 10:51 - 00000000 ____D C:\Users\Chris\AppData\Local\VirtualStore <br/>2013-06-15 16:21 - 2013-06-15 16:17 - 00003072 ____A C:\Windows\SysWOW64\Cache.db <br/>2013-06-15 16:20 - 2013-06-15 16:20 - 00000000 ____D C:\Windows\pss <br/>2013-06-15 13:37 - 2013-06-15 13:37 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>2013-06-15 13:37 - 2013-06-15 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2013-06-14 22:58 - 2013-06-14 22:58 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk <br/>2013-06-14 22:58 - 2013-06-14 22:58 - 00000000 ____D C:\Program Files\CCleaner <br/>2013-06-14 22:35 - 2013-06-07 19:45 - 00000000 ____D C:\Program Files (x86)\Kingsoft <br/>2013-06-13 22:17 - 2013-03-31 18:26 - 00000000 ____D C:\Users\Chris\AppData\Local\Thunderbird <br/>2013-06-13 22:17 - 2013-03-29 14:10 - 00000000 ____D C:\Program Files (x86)\VstPlugins <br/>2013-06-13 22:15 - 2013-03-31 18:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox <br/>2013-06-13 21:02 - 2013-02-25 11:33 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe <br/>2013-06-12 11:12 - 2013-03-01 12:21 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe <br/>2013-06-12 11:12 - 2013-03-01 12:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl <br/>2013-06-10 22:20 - 2013-06-10 20:33 - 00000000 ____D C:\Users\Chris\jagexcache1 <br/>2013-06-10 20:45 - 2013-06-10 20:45 - 00000000 ____D C:\Users\Chris\AppData\Local\CRE <br/>2013-06-10 20:33 - 2013-06-10 20:33 - 00000045 ____A C:\Users\Chris\jagex_cl_runescape_LIVE1.dat <br/>2013-06-10 12:41 - 2013-05-22 00:27 - 00000000 ____D C:\Users\Chris\jagexcache <br/>2013-06-09 00:08 - 2013-06-16 01:43 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll <br/>2013-06-09 00:07 - 2013-06-16 01:43 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll <br/>2013-06-09 00:06 - 2013-06-16 01:43 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll <br/>2013-06-09 00:06 - 2013-06-16 01:43 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll <br/>2013-06-09 00:06 - 2013-06-16 01:43 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll <br/>2013-06-08 22:28 - 2013-06-16 01:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb <br/>2013-06-08 21:42 - 2013-06-16 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll <br/>2013-06-08 21:40 - 2013-06-16 01:43 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll <br/>2013-06-08 21:40 - 2013-06-16 01:43 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll <br/>2013-06-08 21:40 - 2013-06-16 01:43 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll <br/>2013-06-08 21:40 - 2013-06-16 01:43 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll <br/>2013-06-08 21:13 - 2013-06-16 01:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb <br/>2013-06-07 22:21 - 2013-02-25 17:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Origin <br/>2013-06-07 20:52 - 2013-04-17 13:28 - 00000000 ____D C:\Program Files (x86)\Creative <br/>2013-06-07 20:38 - 2013-04-16 00:04 - 00000000 ____D C:\Program Files (x86)\RaidCall <br/>2013-06-07 19:49 - 2013-04-28 21:32 - 00000000 ____D C:\iOrgSoft AVCHD Video Converter OutPut <br/>2013-06-07 19:49 - 2013-04-28 21:30 - 00000000 ____D C:\Program Files (x86)\iOrgSoft <br/>2013-06-07 19:47 - 2013-06-07 19:45 - 00000000 ____D C:\ProgramData\Kingsoft <br/>2013-06-07 19:46 - 2013-06-07 19:46 - 00000000 ____D C:\Users\Chris\AppData\Local\KSafe <br/>2013-06-07 19:46 - 2013-02-28 19:04 - 00000000 ___RD C:\MSOCache <br/>2013-06-07 19:45 - 2013-06-07 19:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\kingsoft <br/>2013-06-07 19:43 - 2013-06-03 23:40 - 00000000 ____D C:\Program Files (x86)\MyPC Backup <br/>2013-06-07 19:39 - 2013-06-07 19:39 - 00879112 ____A (shockingsoft.com ) C:\Users\Chris\Downloads\AutoClickerShocker-Setup.exe <br/>2013-06-07 18:50 - 2013-05-06 17:43 - 00000000 ____D C:\ProgramData\Freemake <br/>2013-06-07 18:50 - 2013-05-06 17:43 - 00000000 ____D C:\Program Files (x86)\Freemake <br/>2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Malwarebytes <br/>2013-06-07 18:47 - 2013-06-07 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes <br/>2013-06-07 18:37 - 2011-04-12 17:43 - 00000000 ____D C:\Windows\ShellNew <br/>2013-06-07 17:49 - 2009-07-14 14:50 - 00362952 ____A C:\Windows\System32\FNTCACHE.DAT <br/>2013-06-07 00:43 - 2013-02-25 10:57 - 00093936 ____A C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT <br/>2013-06-06 19:25 - 2013-05-18 17:28 - 00000000 ____D C:\Users\Chris\AppData\Roaming\FAHClient <br/>2013-06-06 19:25 - 2013-03-31 18:22 - 00000000 ___RD C:\Users\Chris\Dropbox <br/>2013-06-03 23:41 - 2013-06-03 23:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\asoftech <br/>2013-06-03 23:40 - 2013-06-03 23:40 - 02823016 ____A (Asoftech, Inc ) C:\Users\Chris\Downloads\autome.exe <br/>2013-06-03 23:39 - 2013-06-03 23:39 - 00000000 ____D C:\Windows\Sun <br/>2013-06-03 00:02 - 2013-06-02 23:48 - 00000000 ____D C:\Program Files (x86)\Project64 2.1 <br/>2013-06-01 02:01 - 2013-05-22 01:14 - 00000044 ____A C:\Users\Chris\jagex_cl_oldschool_LIVE.dat <br/>2013-05-28 01:06 - 2013-05-28 01:06 - 00002040 ____A C:\Users\Public\Desktop\FL Studio 11.lnk <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Image-Line <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files\Image-Line <br/>2013-05-28 01:05 - 2013-05-28 01:05 - 00000000 ____D C:\Program Files (x86)\DSPRobotics <br/>2013-05-28 01:04 - 2013-03-29 14:09 - 00000000 ____D C:\Program Files (x86)\Image-Line <br/>2013-05-27 17:59 - 2013-05-27 17:59 - 00000000 ____D C:\Users\Chris\Documents\NeocoreGames <br/> <br/>==================== Bamital & volsnap Check ================= <br/> <br/>C:\Windows\System32\winlogon.exe => MD5 is legit <br/>C:\Windows\System32\wininit.exe => MD5 is legit <br/>C:\Windows\SysWOW64\wininit.exe => MD5 is legit <br/>C:\Windows\explorer.exe => MD5 is legit <br/>C:\Windows\SysWOW64\explorer.exe => MD5 is legit <br/>C:\Windows\System32\svchost.exe => MD5 is legit <br/>C:\Windows\SysWOW64\svchost.exe => MD5 is legit <br/>C:\Windows\System32\services.exe => MD5 is legit <br/>C:\Windows\System32\User32.dll => MD5 is legit <br/>C:\Windows\SysWOW64\User32.dll => MD5 is legit <br/>C:\Windows\System32\userinit.exe => MD5 is legit <br/>C:\Windows\SysWOW64\userinit.exe => MD5 is legit <br/>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit <br/> <br/> <br/>LastRegBack: 2013-06-07 02:01 <br/> <br/>==================== End Of Log ============================ <br/> <br/> <br/>Farbar Recovery Scan Tool (x64) Version: 25-06-2013 02 <br/>Ran by Chris at 2013-06-26 22:55:54 <br/>Running from F:\Users\Chris\Downloads <br/>Boot Mode: Normal <br/> <br/>================== Search: "services.exe" =================== <br/> <br/>C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe <br/>[2009-07-14 09:19] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB <br/> <br/>C:\Windows\System32\services.exe <br/>[2009-07-14 09:19] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB <br/> <br/>C:\Windows\erdnt\cache64\services.exe <br/>[2013-06-16 20:11] - [2009-07-14 11:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB <br/> <br/>====== End Of Search ======
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Wednesday, December 7, 2016, 9:16 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 37,967 registered members. Please welcome our newest member, ConcepcionJAbbate.
There are currently no users on-line.