
Outgoing traffic from firefox



Hello, a few days ago Mbam pro blocked 2 connections while I was browsing the web. All the websites I browse are reputable, so I guess the chances of being infected while going to those sites are quite low. I also browse with NoScript on. These are:

2013/08/06 01:57:21 +0800    KODIAK    Kodi    IP-BLOCK    80.93.62.129 (Type: outgoing, Port: 52117, Process: firefox.exe)
2013/08/06 01:57:21 +0800    KODIAK    Kodi    IP-BLOCK    80.93.62.129 (Type: outgoing, Port: 52118, Process: firefox.exe)

I've read some people say that this could be just Mbam pro doing its job and blocking malicious sites, or that my computer might possibly be infected. Scans with Windows Defender (the Windows 8 version) and Mbam have come up clean (I run Defender and Mbam pro together, without setting any exceptions for the 2 programs. I have not had any problems so far.). This only happened once at the times stated above. Could anyone tell me if this is just Mbam doing its job, or is my computer infected? I can post logs if needed. Thanks in advance.


Hello Aspen and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573


Here they are

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 7/19/2013 11:13:23 PM
System Uptime: 8/8/2013 11:54:36 PM (3 hours ago)
.
Motherboard: Dell Inc. |  | 084J0R      
Processor: Intel® Core i5-3330 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 753.553 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP4: 7/21/2013 7:23:25 PM - Installed DirectX
RP5: 7/27/2013 6:32:45 PM - Installed DirectX
RP6: 7/31/2013 4:35:14 PM - Installed DirectX
RP7: 8/4/2013 12:28:30 AM - Installed DirectX
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Borderlands 2
Conexant SmartAudio HD
Counter-Strike: Global Offensive
D3DX10
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell Support Center
Dell Wireless Driver Installation
Deus Ex: Human Revolution
Devil May Cry 3: Special Edition
Devil May Cry 4
DmC Devil May Cry
DSC/AA Factory Installer
Guild Wars 2
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® Trusted Connect Service Client
iTunes
Kerbal Space Program
Killing Floor
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Office
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
NVIDIA 3D Vision Controller Driver 326.41
NVIDIA 3D Vision Driver 326.41
NVIDIA Control Panel 326.41
NVIDIA GeForce Experience 1.6
NVIDIA Graphics Driver 326.41
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA Optimus 1.11.3
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 7.2.17
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.1
Photo Common
Photo Gallery
PunkBuster Services
Razer Imperator
Realtek USB 2.0 Card Reader
Resident Evil 6 / Biohazard 6
Rising Storm/Red Orchestra 2 Multiplayer
S.T.A.L.K.E.R.: Shadow of Chernobyl
Shared C Run-time for x64
SHIELD Streaming
Steam
Strike Suit Infinity
Torchlight II
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
XCOM: Enemy Unknown
.
==== Event Viewer Messages From Past Week ========
.
8/7/2013 12:32:16 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Kodi at 2:57:21 on 2013-08-09
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3968.2335 [GMT 8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Conexant\SA3\SmartAudio3.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


mWinlogon: Userinit = userinit.exe
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
TCP: NameServer = 202.65.242.50 202.65.242.46 192.168.1.1
TCP: Interfaces\{1FCBB6AE-3ADD-450E-8C7D-7EE9E0C15B43} : DHCPNameServer = 10.101.101.100 163.244.101.69 163.244.100.254
TCP: Interfaces\{4A11A9AA-DAEC-4083-AA9A-780835142253} : DHCPNameServer = 202.65.242.50 202.65.242.46 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
SSODL: WebCheck - <orphaned>
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /s
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-07-19 23:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]
R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2013-6-11 109184]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-11 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-20 634632]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-11 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-5 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-5 701512]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-5 14984480]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-6-11 1914728]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-7-25 414496]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-11 365376]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2013-6-11 77824]
R3 imperator2;Razer Imperator Driver;C:\Windows\System32\Drivers\imperator2.sys [2012-12-10 11776]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2013-6-11 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-8-5 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2013-8-5 39712]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUStor.sys [2013-6-11 252048]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-6-11 683664]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-3-14 187912]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\Drivers\nvstusb.sys [2013-6-11 448288]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-26 89088]
.
=============== Created Last 30 ================
.
2013-08-08 11:05:17    9460976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C17F840-C69D-4878-96A0-891259C91454}\mpengine.dll
2013-08-07 14:20:03    9460976    ------w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-08-05 14:59:27    --------    d-----w-    C:\Windows\SysWow64\NV
2013-08-05 14:59:27    --------    d-----w-    C:\Windows\System32\NV
2013-08-05 14:53:24    --------    d-----w-    C:\Windows\LastGood.Tmp
2013-08-05 14:36:24    --------    d-----w-    C:\NvidiaLogging
2013-08-05 14:35:52    39712    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-08-05 14:35:52    29984    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-08-05 14:35:52    28448    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-08-05 14:35:42    --------    d-----w-    C:\Users\Kodi\AppData\Local\NVIDIA
2013-08-05 12:13:42    --------    d-----w-    C:\Users\Kodi\AppData\Roaming\Malwarebytes
2013-08-05 12:13:29    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-08-05 12:13:27    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-08-05 12:13:27    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 12:13:01    --------    d-----w-    C:\Users\Kodi\AppData\Local\Programs
2013-08-05 11:01:17    --------    d-----w-    C:\Users\Kodi\AppData\Local\CAPCOM
2013-08-04 07:33:50    --------    d-----w-    C:\Users\Kodi\AppData\Local\ElevatedDiagnostics
2013-08-03 16:30:29    --------    d-----w-    C:\Users\Kodi\AppData\Local\dxhr
2013-08-03 16:29:36    --------    d-----w-    C:\Users\Kodi\AppData\Local\28050
2013-07-31 13:14:29    280792    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2013-07-31 13:14:26    --------    d-----w-    C:\Users\Kodi\AppData\Local\PunkBuster
2013-07-31 13:13:59    --------    d-----w-    C:\Users\Kodi\AppData\Local\CrashRpt
2013-07-31 13:13:41    --------    d-----w-    C:\Program Files (x86)\Microsoft Chart Controls
2013-07-31 13:12:56    280856    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2013-07-31 13:12:56    280792    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2013-07-31 13:12:54    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2013-07-28 08:58:32    --------    d-----w-    C:\Program Files (x86)\Guild Wars 2
2013-07-25 15:19:16    571168    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2013-07-24 12:31:52    --------    d-----w-    C:\Users\Kodi\AppData\Roaming\NVIDIA
2013-07-19 19:39:59    4496232    ----a-w-    C:\Windows\System32\d3dx9_34.dll
2013-07-19 17:16:35    81768    ----a-w-    C:\Windows\SysWow64\xinput1_3.dll
2013-07-19 17:16:35    22360    ----a-w-    C:\Windows\SysWow64\X3DAudio1_7.dll
2013-07-19 17:16:35    1998168    ----a-w-    C:\Windows\SysWow64\D3DX9_43.dll
2013-07-19 16:50:12    --------    d-----w-    C:\Windows\System32\MRT
2013-07-19 16:46:51    --------    d-----w-    C:\Users\Kodi\AppData\Local\Macromedia
2013-07-19 16:36:37    19187712    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-19 16:36:36    18523648    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-19 16:24:00    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2013-07-19 16:24:00    196384    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2013-07-19 16:23:59    387536    ----a-w-    C:\Windows\System32\nvinitx.dll
2013-07-19 16:23:59    326224    ----a-w-    C:\Windows\SysWow64\nvinit.dll
2013-07-19 16:23:59    1882912    ----a-w-    C:\Windows\System32\nvdispco6432619.dll
2013-07-19 16:23:59    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6432619.dll
2013-07-19 16:23:59    1223336    ----a-w-    C:\Windows\SysWow64\nvumdshim.dll
2013-07-19 16:22:53    --------    d-----w-    C:\NVIDIA
2013-07-19 15:59:37    144384    ----a-w-    C:\Windows\System32\tssdisai.dll
2013-07-19 15:59:37    135680    ----a-w-    C:\Windows\System32\appserverai.dll
2013-07-19 15:59:37    126976    ----a-w-    C:\Windows\System32\RDWebAI.dll
2013-07-19 15:59:37    122880    ----a-w-    C:\Windows\System32\VmHostAI.dll
2013-07-19 15:59:36    148480    ----a-w-    C:\Windows\System32\poqexec.exe
2013-07-19 15:59:36    132608    ----a-w-    C:\Windows\SysWow64\poqexec.exe
2013-07-19 15:41:15    --------    d-----w-    C:\Users\Kodi\AppData\Local\Adobe
2013-07-19 15:37:46    --------    d-----w-    C:\Users\Kodi\AppData\Local\Apple Computer
2013-07-19 15:37:41    33240    ----a-w-    C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-07-19 15:37:27    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-19 15:37:27    --------    d-----w-    C:\Program Files\iTunes
2013-07-19 15:37:27    --------    d-----w-    C:\Program Files\iPod
2013-07-19 15:37:27    --------    d-----w-    C:\Program Files (x86)\iTunes
2013-07-19 15:37:15    --------    d-----w-    C:\Users\Kodi\AppData\Local\Apple
2013-07-19 15:36:43    --------    d-----w-    C:\Program Files\Bonjour
2013-07-19 15:36:43    --------    d-----w-    C:\Program Files (x86)\Bonjour
2013-07-19 15:32:58    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-07-19 15:32:20    --------    d-----w-    C:\Program Files (x86)\Common Files\Steam
2013-07-19 15:32:18    --------    d-----w-    C:\Program Files (x86)\Steam
2013-07-19 15:30:51    2035200    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-19 15:29:59    71168    ----a-w-    C:\Windows\System32\WSDPrintProxy.DLL
2013-07-19 15:29:59    49152    ----a-w-    C:\Windows\System32\DevDispItemProvider.dll
2013-07-19 15:29:59    36352    ----a-w-    C:\Windows\SysWow64\DevDispItemProvider.dll
2013-07-19 15:29:59    30720    ----a-w-    C:\Windows\System32\drivers\monitor.sys
2013-07-19 15:29:59    26112    ----a-w-    C:\Windows\System32\drivers\mouhid.sys
2013-07-19 15:29:59    235008    ----a-w-    C:\Program Files\Windows NT\Accessories\WordpadFilter.dll
2013-07-19 15:29:59    195072    ----a-w-    C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll
2013-07-19 15:29:59    128512    ----a-w-    C:\Windows\System32\SettingSyncInfo.dll
2013-07-19 15:29:59    100864    ----a-w-    C:\Windows\SysWow64\SettingSyncInfo.dll
2013-07-19 15:29:49    1300992    ----a-w-    C:\Windows\System32\gdi32.dll
2013-07-19 15:29:49    1022464    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-07-19 15:29:15    1838080    ----a-w-    C:\Windows\System32\DWrite.dll
2013-07-19 15:29:15    1421312    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2013-07-19 15:27:24    2842112    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-07-19 15:27:24    2620928    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 15:27:16    --------    d-----w-    C:\Users\Kodi\AppData\Local\softthinks
2013-07-19 15:24:54    26624    ----a-w-    C:\Windows\System32\ReAgentc.exe
2013-07-19 15:24:54    24064    ----a-w-    C:\Windows\SysWow64\ReAgentc.exe
2013-07-19 15:24:44    375808    ----a-w-    C:\Windows\SysWow64\ReAgent.dll
2013-07-19 15:24:44    2382336    ----a-w-    C:\Windows\SysWow64\esent.dll
2013-07-19 15:24:44    1011200    ----a-w-    C:\Windows\System32\reseteng.dll
2013-07-19 15:24:43    2851840    ----a-w-    C:\Windows\System32\esent.dll
2013-07-19 15:16:09    17536    ----a-w-    C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-19 15:15:43    --------    d-----w-    C:\Users\Kodi\AppData\Roaming\Intel Corporation
2013-07-19 15:14:42    --------    d-----w-    C:\Users\Kodi\AppData\Local\Conexant
2013-07-19 15:14:29    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-07-19 15:14:21    --------    d-----r-    C:\Users\Kodi\Searches
2013-07-19 15:14:20    --------    d-----r-    C:\Users\Kodi\Contacts
.
==================== Find3M  ====================
.
2013-07-26 04:59:39    6601504    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-07-26 04:59:39    3452704    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-07-26 04:59:35    920864    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-07-26 04:59:35    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-07-26 04:59:35    219424    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-07-22 19:12:40    3282455    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-06-27 22:04:51    78200    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51    693112    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-16 22:41:31    997632    ----a-w-    C:\Windows\System32\drivers\ndis.sys
2013-06-11 23:43:37    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:26:20    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-06-11 23:25:16    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-06-11 12:50:58    631808    ----a-w-    C:\Windows\System32\UserLanguagesCpl.dll
2013-06-01 11:54:16    194816    ----a-w-    C:\Windows\System32\drivers\sdbus.sys
2013-06-01 11:54:10    125184    ----a-w-    C:\Windows\System32\drivers\dumpsd.sys
2013-06-01 11:34:21    2391280    ----a-w-    C:\Windows\explorer.exe
2013-06-01 11:33:13    2233600    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-01 11:29:35    337152    ----a-w-    C:\Windows\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35    213248    ----a-w-    C:\Windows\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33    327936    ----a-w-    C:\Windows\System32\drivers\volsnap.sys
2013-06-01 11:26:31    6987008    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-06-01 10:24:46    2106176    ----a-w-    C:\Windows\SysWow64\explorer.exe
2013-06-01 09:25:52    364544    ----a-w-    C:\Windows\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25:05    67584    ----a-w-    C:\Windows\SysWow64\samlib.dll
2013-06-01 09:25:03    496640    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-06-01 09:24:19    493056    ----a-w-    C:\Windows\SysWow64\mscms.dll
2013-06-01 09:24:09    850944    ----a-w-    C:\Windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:09    1453568    ----a-w-    C:\Windows\SysWow64\mfcore.dll
2013-06-01 09:23:46    1842176    ----a-w-    C:\Windows\SysWow64\dwmcore.dll
2013-06-01 09:23:06    680960    ----a-w-    C:\Windows\System32\vds.exe
2013-06-01 09:22:47    80896    ----a-w-    C:\Windows\System32\MbaeParserTask.exe
2013-06-01 09:22:33    523264    ----a-w-    C:\Windows\System32\XpsGdiConverter.dll
2013-06-01 09:22:33    446976    ----a-w-    C:\Windows\System32\wwansvc.dll
2013-06-01 09:22:09    190976    ----a-w-    C:\Windows\System32\vdsutil.dll
2013-06-01 09:21:39    729600    ----a-w-    C:\Windows\System32\samsrv.dll
2013-06-01 09:21:39    106496    ----a-w-    C:\Windows\System32\samlib.dll
2013-06-01 09:21:34    595968    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-01 09:20:45    583168    ----a-w-    C:\Windows\System32\mscms.dll
2013-06-01 09:20:34    1527808    ----a-w-    C:\Windows\System32\mfcore.dll
2013-06-01 09:20:34    1048576    ----a-w-    C:\Windows\System32\mfasfsrcsnk.dll
2013-06-01 09:20:04    2219520    ----a-w-    C:\Windows\System32\dwmcore.dll
2013-06-01 09:19:58    207872    ----a-w-    C:\Windows\System32\DeviceSetupManager.dll
2013-06-01 09:19:42    785408    ----a-w-    C:\Windows\System32\audiosrv.dll
2013-06-01 03:08:57    37632    ----a-w-    C:\Windows\System32\drivers\BthAvrcpTg.sys
2013-05-30 23:14:23    4036096    ----a-w-    C:\Windows\System32\win32k.sys
2013-05-24 22:09:20    1403296    ----a-w-    C:\Windows\System32\winload.efi
2013-05-24 22:09:20    1271584    ----a-w-    C:\Windows\System32\winload.exe
2013-05-24 22:09:20    1217352    ----a-w-    C:\Windows\System32\winresume.efi
2013-05-24 22:09:20    1093904    ----a-w-    C:\Windows\System32\winresume.exe
2013-05-15 22:37:03    44032    ----a-w-    C:\Windows\SysWow64\UXInit.dll
2013-05-15 22:35:49    53760    ----a-w-    C:\Windows\System32\UXInit.dll
2013-05-15 02:25:59    888320    ----a-w-    C:\Windows\System32\autochk.exe
2013-05-15 02:25:44    542208    ----a-w-    C:\Windows\System32\untfs.dll
2013-05-15 02:24:10    793088    ----a-w-    C:\Windows\SysWow64\autochk.exe
2013-05-15 02:24:01    482816    ----a-w-    C:\Windows\SysWow64\untfs.dll
2013-05-14 13:14:01    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-05-14 09:23:31    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH:  2:57:54.90 ===============


Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

OTL logfile created on: 8/10/2013 1:18:56 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kodi\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.68 Gb Available Physical Memory | 69.20% Memory free
6.00 Gb Paging File | 4.32 Gb Available in Paging File | 72.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.38 Gb Total Space | 753.42 Gb Free Space | 81.77% Space Free | Partition Type: NTFS
 
Computer Name: KODIAK | User Name: Kodi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/08/10 01:17:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kodi\Downloads\OTL.exe
PRC - [2013/08/09 23:33:34 | 000,280,792 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2013/07/31 21:15:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/07/27 16:42:15 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/27 16:36:26 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/27 06:46:24 | 000,563,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/07/27 06:46:22 | 001,807,272 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/07/25 23:19:08 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/21 17:18:32 | 000,980,504 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
PRC - [2012/11/29 00:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 13:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 13:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/09/02 09:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/09/02 09:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/07/20 02:00:54 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/20 02:00:52 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/20 02:00:28 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/19 17:17:30 | 000,077,824 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2011/10/12 07:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/27 06:46:24 | 001,122,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/07/26 14:09:29 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013/07/22 01:26:47 | 001,075,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\baf7ee27e655e5fac217c4d2957a17eb\System.ServiceModel.Web.ni.dll
MOD - [2013/07/22 01:12:16 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\69a399f4391ac030822eec29359156b1\System.IdentityModel.ni.dll
MOD - [2013/07/22 01:12:14 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\e95ff740f4c52eca60af5d2a3fd8cf2f\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013/07/22 01:12:12 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\3baf6eefe8ca1de3ae7111a70e477255\IAStorCommon.ni.dll
MOD - [2013/07/22 01:11:54 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\97e4c0348d2df42b45b64984f6c45ce2\IAStorUtil.ni.dll
MOD - [2013/07/22 01:11:51 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7c997aecab8a83df524e081283d66bc6\System.ServiceModel.Internals.ni.dll
MOD - [2013/07/22 01:11:51 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\de1d908e04221344949ab6da55aa4aba\SMDiagnostics.ni.dll
MOD - [2013/07/21 02:38:09 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\ea416bc5d73e3b06a0f428c74a32337d\System.Xml.Linq.ni.dll
MOD - [2013/07/21 02:38:08 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a78b71db2984a6ec1cf110e4118603f3\System.Xml.ni.dll
MOD - [2013/07/21 02:38:05 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\05b44a1e63e3783b11917d612cf75d5f\System.Xaml.ni.dll
MOD - [2013/07/21 02:38:04 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cae4b27345e2bab9e11b8c9c8ca3fe83\System.Windows.Forms.ni.dll
MOD - [2013/07/21 02:37:58 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b6fd410545458d0160528c1b03e88776\System.ServiceModel.ni.dll
MOD - [2013/07/21 02:37:48 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\63c905a4148011c72921a8b986ab8526\System.Runtime.Serialization.ni.dll
MOD - [2013/07/21 02:37:46 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\cd6b8416903164862eba3d170df40c90\System.Management.ni.dll
MOD - [2013/07/21 02:37:45 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6a84c818148c37e1585c0422cae02fb0\System.Drawing.ni.dll
MOD - [2013/07/21 02:37:40 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5f9957f3dee5c7bc9f1bef69a923cf9d\System.Configuration.ni.dll
MOD - [2013/07/21 02:37:40 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\178b22f2da7c2497aa67a36f4edf0674\PresentationFramework.Aero2.ni.dll
MOD - [2013/07/21 02:37:39 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\f7eb12f973b31390974c3858523fd3cb\PresentationFramework.ni.dll
MOD - [2013/07/21 02:37:31 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\df2f0c372aad4d363f071625a9df28e7\PresentationCore.ni.dll
MOD - [2013/07/21 02:37:25 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6531f34b3e528a70be121dee8ee129fa\WindowsBase.ni.dll
MOD - [2013/07/21 02:37:23 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2753f437d6e45747bcf7077d338fd8a3\System.Core.ni.dll
MOD - [2013/07/21 02:37:19 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9823be5b56f36a3be7905df81b9c3683\System.ni.dll
MOD - [2013/07/21 02:37:15 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/07/16 06:32:40 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/07/02 00:20:48 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/06/15 07:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 07:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/15 07:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/07/27 16:50:22 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/06/11 20:50:47 | 000,014,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/11 20:50:26 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/06/11 20:50:25 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/06/01 17:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 14:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 14:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 12:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 10:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 10:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/09/20 17:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 14:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 11:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 11:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 11:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 11:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 11:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 11:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 11:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 11:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 11:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 11:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 11:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 11:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 08:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/06/20 10:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/10/12 07:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc)
SRV - [2013/08/09 23:33:34 | 000,280,792 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2013/07/31 21:15:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/27 16:36:26 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/07/27 06:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/25 23:19:08 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/07/19 23:42:04 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/18 22:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/14 05:33:30 | 000,187,912 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/11/26 13:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/10/06 00:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/02 09:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/07/26 11:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 11:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/20 02:00:54 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/20 02:00:52 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/20 02:00:28 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/19 17:17:30 | 000,077,824 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/06/16 20:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/06/11 20:51:19 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/06/11 20:50:57 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/06/11 20:50:47 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/11 20:50:47 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/06/11 20:50:33 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/06/11 20:50:31 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/06/11 20:50:25 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/06/11 20:50:18 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/06/11 20:50:18 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/06/01 19:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 19:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/06/01 19:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/01 11:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/15 03:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/05/04 15:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/05/04 15:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 18:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 18:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 18:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/19 01:27:08 | 000,448,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013/01/11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/12/10 16:50:16 | 000,011,776 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\imperator2.sys -- (imperator2)
DRV:64bit: - [2012/10/27 00:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/10/06 00:12:34 | 009,004,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/20 15:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 15:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 15:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 13:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 13:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 13:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 13:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 13:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 13:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 13:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 13:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 13:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 13:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 13:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 13:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 13:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 13:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 13:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 13:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 13:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 12:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 12:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/26 12:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 11:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 10:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 10:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 10:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 10:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 10:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 10:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 10:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 10:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 10:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 10:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 10:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 10:26:57 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2012/07/26 10:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 10:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 10:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 10:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 10:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 10:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 10:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 10:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 10:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 10:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/29 08:23:24 | 003,578,368 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/06/23 04:57:08 | 001,583,264 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2012/06/19 23:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/14 10:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/06/13 13:41:22 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7EE4B2DE-7B5D-41AB-8D5B-C2F54A76D482}
IE:64bit: - HKLM\..\SearchScopes\{7EE4B2DE-7B5D-41AB-8D5B-C2F54A76D482}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {7EE4B2DE-7B5D-41AB-8D5B-C2F54A76D482}
IE - HKLM\..\SearchScopes\{7EE4B2DE-7B5D-41AB-8D5B-C2F54A76D482}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com
IE - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002\..\SearchScopes,DefaultScope = {7EE4B2DE-7B5D-41AB-8D5B-C2F54A76D482}
IE - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
 
[2013/07/19 23:25:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kodi\AppData\Roaming\Mozilla\Extensions
[2013/08/08 23:56:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\extensions
[2013/08/08 23:56:18 | 000,534,178 | ---- | M] () (No name found) -- C:\Users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/07/19 23:25:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/19 23:25:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012/07/26 13:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [iMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Razer USA Ltd)
O4 - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3911846515-1532461053-2334403900-1002..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.65.242.50 202.65.242.46 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FCBB6AE-3ADD-450E-8C7D-7EE9E0C15B43}: DhcpNameServer = 10.101.101.100 163.244.101.69 163.244.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A11A9AA-DAEC-4083-AA9A-780835142253}: DhcpNameServer = 202.65.242.50 202.65.242.46 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/08/09 01:06:28 | 000,000,000 | ---D | C] -- C:\Users\Kodi\Desktop\animated kodiak
[2013/08/05 22:59:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2013/08/05 22:59:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2013/08/05 22:36:24 | 000,000,000 | ---D | C] -- C:\NvidiaLogging
[2013/08/05 22:35:42 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\NVIDIA
[2013/08/05 20:13:42 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Malwarebytes
[2013/08/05 20:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/05 20:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/05 20:13:27 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/05 20:13:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/05 20:13:01 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Programs
[2013/08/05 19:01:17 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\CAPCOM
[2013/08/04 15:33:50 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\ElevatedDiagnostics
[2013/08/04 00:30:29 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\dxhr
[2013/08/04 00:29:36 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\28050
[2013/07/31 21:14:26 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\PunkBuster
[2013/07/31 21:13:59 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\CrashRpt
[2013/07/31 21:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2013/07/28 16:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2013/07/28 16:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2013/07/28 16:58:00 | 000,000,000 | ---D | C] -- C:\Users\Kodi\Documents\Guild Wars 2
[2013/07/26 23:28:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\stalker-shoc
[2013/07/24 20:31:52 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\NVIDIA
[2013/07/21 02:55:55 | 000,000,000 | ---D | C] -- C:\Users\Kodi\Documents\CAPCOM
[2013/07/20 14:07:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/07/20 01:13:46 | 000,000,000 | ---D | C] -- C:\Users\Kodi\Documents\my games
[2013/07/20 00:50:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/20 00:46:51 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Macromedia
[2013/07/20 00:43:43 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/07/20 00:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/07/20 00:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/07/20 00:22:53 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/07/19 23:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013/07/19 23:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013/07/19 23:41:15 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Adobe
[2013/07/19 23:37:46 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Apple Computer
[2013/07/19 23:37:46 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Apple Computer
[2013/07/19 23:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/07/19 23:37:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/07/19 23:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/07/19 23:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/07/19 23:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/07/19 23:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/07/19 23:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/07/19 23:37:15 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Apple
[2013/07/19 23:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/07/19 23:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/07/19 23:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/07/19 23:36:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/07/19 23:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/07/19 23:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/07/19 23:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/07/19 23:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/07/19 23:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/07/19 23:27:16 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\softthinks
[2013/07/19 23:25:40 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Mozilla
[2013/07/19 23:25:40 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Mozilla
[2013/07/19 23:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/07/19 23:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/07/19 23:25:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/19 23:15:43 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Intel Corporation
[2013/07/19 23:14:42 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Conexant
[2013/07/19 23:14:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/19 23:14:21 | 000,000,000 | R--D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/07/19 23:14:21 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Searches
[2013/07/19 23:14:21 | 000,000,000 | R--D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/07/19 23:14:20 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Contacts
[2013/07/19 23:14:20 | 000,000,000 | -H-D | C] -- C:\Users\Kodi\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/07/19 23:14:02 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Macromedia
[2013/07/19 23:14:02 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Adobe
[2013/07/19 23:13:30 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\VirtualStore
[2013/07/19 23:13:28 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Packages
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\AppData\Local\Temporary Internet Files
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Templates
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Start Menu
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\SendTo
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Recent
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\PrintHood
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\NetHood
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Documents\My Videos
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Documents\My Pictures
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Documents\My Music
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\My Documents
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Local Settings
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\AppData\Local\History
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Cookies
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\Application Data
[2013/07/19 23:13:27 | 000,000,000 | -HSD | C] -- C:\Users\Kodi\AppData\Local\Application Data
[2013/07/19 23:13:26 | 000,000,000 | --SD | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Videos
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Saved Games
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Pictures
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Music
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Links
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Favorites
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Downloads
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Documents
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\Desktop
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/07/19 23:13:26 | 000,000,000 | R--D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/07/19 23:13:26 | 000,000,000 | -H-D | C] -- C:\Users\Kodi\AppData
[2013/07/19 23:13:26 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Temp
[2013/07/19 23:13:26 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Local\Microsoft
[2013/07/19 23:13:26 | 000,000,000 | ---D | C] -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/08/10 00:45:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/09 23:33:34 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/08/09 23:33:34 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/09 23:32:51 | 000,280,856 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/08/09 23:10:27 | 000,850,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/09 23:10:27 | 000,719,214 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/09 23:10:27 | 000,133,078 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/09 23:05:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/09 23:03:38 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/08/09 23:03:36 | 3328,204,800 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/09 01:24:25 | 000,225,694 | ---- | M] () -- C:\Users\Kodi\Desktop\pp3.png
[2013/08/05 22:55:02 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/08/05 20:13:33 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/05 18:32:59 | 000,000,221 | ---- | M] () -- C:\Users\Kodi\Desktop\Devil May Cry 4.url
[2013/08/03 20:57:59 | 000,000,221 | ---- | M] () -- C:\Users\Kodi\Desktop\Borderlands 2.url
[2013/07/31 21:15:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/31 16:28:58 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\Strike Suit Infinity.url
[2013/07/31 00:07:46 | 000,166,661 | ---- | M] () -- C:\Users\Kodi\Desktop\pp2.png
[2013/07/28 16:58:32 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2013/07/27 16:13:38 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\DmC Devil May Cry.url
[2013/07/26 23:26:03 | 000,000,221 | ---- | M] () -- C:\Users\Kodi\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
[2013/07/26 22:36:09 | 000,264,148 | ---- | M] () -- C:\Users\Kodi\Desktop\pp.jpg
[2013/07/26 21:20:38 | 000,000,220 | ---- | M] () -- C:\Users\Kodi\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2013/07/26 14:09:29 | 000,022,581 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013/07/23 03:12:40 | 003,282,455 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/07/21 18:03:50 | 000,000,219 | ---- | M] () -- C:\Users\Kodi\Desktop\Counter-Strike Global Offensive.url
[2013/07/20 21:19:37 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\Resident Evil 6  Biohazard 6.url
[2013/07/20 16:10:41 | 000,000,220 | ---- | M] () -- C:\Users\Kodi\Desktop\Killing Floor.url
[2013/07/20 15:59:36 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\Torchlight II.url
[2013/07/20 02:37:58 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\XCOM Enemy Unknown.url
[2013/07/20 00:43:43 | 000,000,222 | ---- | M] () -- C:\Users\Kodi\Desktop\Kerbal Space Program.url
[2013/07/20 00:33:04 | 000,283,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/19 23:37:45 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/07/19 23:32:20 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/07/19 23:25:34 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/19 23:23:13 | 000,001,430 | ---- | M] () -- C:\Users\Kodi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/08/09 01:23:19 | 000,225,694 | ---- | C] () -- C:\Users\Kodi\Desktop\pp3.png
[2013/08/05 22:55:02 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/08/05 20:13:33 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/05 18:32:59 | 000,000,221 | ---- | C] () -- C:\Users\Kodi\Desktop\Devil May Cry 4.url
[2013/08/03 20:57:59 | 000,000,221 | ---- | C] () -- C:\Users\Kodi\Desktop\Borderlands 2.url
[2013/07/31 21:14:29 | 000,280,792 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/07/31 21:12:56 | 000,280,856 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/07/31 21:12:56 | 000,280,792 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/31 21:12:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/31 16:28:58 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\Strike Suit Infinity.url
[2013/07/31 00:07:46 | 000,166,661 | ---- | C] () -- C:\Users\Kodi\Desktop\pp2.png
[2013/07/28 16:58:32 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2013/07/27 16:13:38 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\DmC Devil May Cry.url
[2013/07/26 23:26:03 | 000,000,221 | ---- | C] () -- C:\Users\Kodi\Desktop\Rising StormRed Orchestra 2 Multiplayer.url
[2013/07/26 22:36:09 | 000,264,148 | ---- | C] () -- C:\Users\Kodi\Desktop\pp.jpg
[2013/07/26 21:20:38 | 000,000,220 | ---- | C] () -- C:\Users\Kodi\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2013/07/21 18:03:50 | 000,000,219 | ---- | C] () -- C:\Users\Kodi\Desktop\Counter-Strike Global Offensive.url
[2013/07/20 21:19:37 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\Resident Evil 6  Biohazard 6.url
[2013/07/20 16:10:41 | 000,000,220 | ---- | C] () -- C:\Users\Kodi\Desktop\Killing Floor.url
[2013/07/20 15:59:36 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\Torchlight II.url
[2013/07/20 14:06:56 | 3328,204,800 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/20 02:37:58 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\XCOM Enemy Unknown.url
[2013/07/20 00:43:43 | 000,000,222 | ---- | C] () -- C:\Users\Kodi\Desktop\Kerbal Space Program.url
[2013/07/20 00:38:02 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/07/20 00:33:00 | 000,283,248 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/19 23:42:04 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/19 23:37:45 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/07/19 23:37:14 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/07/19 23:32:20 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/07/19 23:25:34 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/19 23:25:34 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/19 23:23:13 | 000,001,430 | ---- | C] () -- C:\Users\Kodi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/19 23:14:18 | 000,001,436 | ---- | C] () -- C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/07/19 23:13:26 | 000,000,352 | ---- | C] () -- C:\Users\Kodi\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/07/19 23:13:26 | 000,000,334 | ---- | C] () -- C:\Users\Kodi\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/06/11 20:34:34 | 000,856,724 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/11 20:08:01 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012/10/06 00:12:28 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/06 00:12:22 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/10/06 00:12:10 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/26 16:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 16:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 15:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 09:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/26 04:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/26 04:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/20 09:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/06/02 22:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013/07/20 03:39:41 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 14:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 13:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 11:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 11:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 11:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 

< End of report >



OTL Extras logfile created on: 8/10/2013 1:18:56 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kodi\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.68 Gb Available Physical Memory | 69.20% Memory free
6.00 Gb Paging File | 4.32 Gb Available in Paging File | 72.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.38 Gb Total Space | 753.42 Gb Free Space | 81.77% Space Free | Partition Type: NTFS
 
Computer Name: KODIAK | User Name: Kodi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3911846515-1532461053-2334403900-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A8FF1A-A3C8-4A97-AF7E-B58067D0408F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{290CB167-DB59-40D5-844E-2397F31F6F54}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3237EF89-17CB-45A9-92E5-0040F9E8B1BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{48AE6D6A-1B9F-4577-B080-3FF345D496EE}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4A968CE1-50DD-43CD-847C-DB1422801EBB}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{752179AC-7703-4F3D-A643-6E8084B3BC0D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{763EF676-2761-4254-8AE2-72ED0D25B939}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8CFA90EE-C7BE-4201-8401-9FCD4B717DA6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C3421B81-C897-42FC-A330-78529E0E0FB0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EE4DDCA5-C7EB-4350-8FB6-50AD2714A6ED}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0758A057-2A49-4B60-963F-FDE82E7B4708}" = protocol=6 | dir=in | app=c:\users\kodi\appdata\local\temp\gw2.exe |
"{0C4F589B-484D-49BB-8696-C637FAB3D28D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{136C18FF-F94A-4297-92CE-F2D3ABAD218E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{14C09D13-C317-4DDA-9B6F-BC75B2851735}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{168ACD65-A851-4459-8CF8-A7A346BEF645}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{1AC0A54A-014D-4681-BB11-B598003C0917}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{27A6F3C6-CC52-4E67-855A-1C449A12B086}" = dir=in | name=ebay |
"{2A0427C6-FD6B-4FB7-B482-C50B26300C2A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 6\bh6.exe |
"{2E6A2716-28FF-4E85-8E0B-76F82AC6A1F3}" = dir=in | name=skype |
"{33DA0258-5423-4630-B517-AA6216DAF9F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 6\bh6.exe |
"{34427275-30EF-4249-AEFE-6B65B52C4C61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 3\gpadcfg.exe |
"{3807C55F-B9B6-4A4A-8848-BF19BF537D96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{38E8C32C-D943-4B6D-92D2-2A458CF2CAAB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{393D80F2-6FA5-4299-82D7-51208583478A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |

"{3EDF6EF9-14A0-4991-B789-54732D720E51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{4557F58C-48CD-41BF-BF1E-22EBE710D6CC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{47435780-50B6-4817-8C22-4B9BF57425E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strike suit infinity\pc\main\binary\ssz.exe |
"{49EC63DE-EF95-4C0D-B695-2A9FBC345BCA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |


"{4E7B7FF0-0B45-4B85-9AC0-31F3154CF950}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strike suit infinity\pc\main\binary\ssz.exe |

"{5207F9ED-C42F-40C6-A786-3BC86DBF4C53}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |

"{5794149A-3BC3-474F-967F-9A7743B4F777}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5E073E30-4992-4BF4-8310-85E7DD269A34}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6551F453-7614-40A0-82A2-A2BBAEAE7409}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |

"{6857D953-FAF3-4B29-A145-F94865C8AA62}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{688A40B3-0A62-4296-866F-DA4891286AB3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{6C867C96-8B5E-4F92-B818-3B280475150C}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |

"{786FF944-EE87-4358-8964-5566A64966D0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{7D232A77-E935-44AC-90E9-9A911DFEAA36}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{7DA530EA-5DE0-4D6B-BB57-A27E81265F13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |

"{8743CC0B-AF2F-45DB-9E8A-07BC63C923FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |

"{88C603EA-A138-47F0-9AC4-97041AD3FA6D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |



"{8FD16437-C161-48C5-8FDA-3DDED8B63C78}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{90BDB60F-E3A3-4359-BBD4-5722083778A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 3\dmc3se.exe |
"{92FFA26D-74FA-4A75-90CC-99BEF23C4E1E}" = protocol=17 | dir=in | app=c:\users\kodi\appdata\local\temp\gw2.exe |
"{9AEFCA20-30AB-4786-9A6B-825582361739}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A200CB52-65A6-462F-9ED6-0DAD721D458F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{AB7F2B42-64D4-4064-B1B7-B2700FABAB1A}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |

"{AC844F84-31B4-41D5-8489-C882866BC368}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B56A33EA-8B0D-4DD1-8CFC-A58DFDA94754}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"{B6E78E0D-13DC-4B43-9F3F-BE37B4D5B39A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{B81FE52F-275B-455A-B877-FA4D614545C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program\ksp.exe |
"{B8A2D762-00B1-465F-BFC4-6EFA953A0E4F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{B9C60E45-4E98-4415-8CFB-66FB99716CE2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{C2C682A8-8200-4DC3-A3F5-F6315E745AA6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{C31F237D-3FF9-42CB-9B3E-15DD84DE9541}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{C91BCF30-B191-4A2F-9415-67E7662BA659}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CC24FDDF-1718-4313-AA66-8DAF8AA2CC2B}" = dir=out | name=skype |
"{D361E32E-7E7A-4161-97BD-1607340E32A0}" = dir=out | name=ebay |

"{DEC60106-497D-4F6D-BE66-200CB2BD60DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 3\dmc3se.exe |
"{E0D00452-083A-4AA9-8FC6-F4F200C9B294}" = dir=out | name=mcafee security advisor for dell |
"{E7194762-BB0D-4614-9559-8E970671874A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{EE03BA12-18F3-4F26-B33E-12BD86DEA684}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EE5BD178-78B8-4131-B71D-5CF8226612CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\devil may cry 3\gpadcfg.exe |
"{EFC58851-8EF1-48DF-811E-735C1667994B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F87E29AB-6FEE-4373-B5EC-9527E36A3200}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |

"{FDDD3C24-B0B3-4B28-82C1-97FE31523481}" = dir=out | name=windows_ie_ac_001 |
"{FE70C9C7-D5BB-4FF8-AFC5-66AA3D503A4E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kerbal space program\ksp.exe |
"TCP Query User{71570594-B875-4F7D-B4B5-1F57A9603956}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{EFB5516F-547D-42A5-AF01-8C86F3C64746}C:\users\kodi\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\kodi\appdata\local\temp\gw2.exe |
"UDP Query User{3616D2D0-A440-4F82-BB74-59E6C6B2512C}C:\users\kodi\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\kodi\appdata\local\temp\gw2.exe |
"UDP Query User{8DE2E696-3F73-44E9-900B-47816ABB5B25}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 326.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 326.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 326.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 326.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"CNXT_AUDIO_HDA" = Conexant SmartAudio HD
"PC-Doctor for Windows" = Dell Support Center
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless Driver Installation
"{4B3230C5-F069-416B-9169-1B84A216ED6A}" = Dell Digital Delivery
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D07E7975-D5F0-43C4-A3C1-0007CD6182EE}" = Razer Imperator
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Guild Wars 2" = Guild Wars 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Steam App 1250" = Killing Floor
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 200710" = Torchlight II
"Steam App 220200" = Kerbal Space Program
"Steam App 220440" = DmC Devil May Cry
"Steam App 221040" = Resident Evil 6 / Biohazard 6
"Steam App 234160" = Strike Suit Infinity
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 45700" = Devil May Cry 4
"Steam App 49520" = Borderlands 2
"Steam App 6550" = Devil May Cry 3: Special Edition
"Steam App 730" = Counter-Strike: Global Offensive
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/5/2013 10:55:16 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/5/2013 10:55:17 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/5/2013 10:59:31 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/5/2013 10:59:32 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/5/2013 1:16:05 PM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/5/2013 1:16:11 PM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/6/2013 5:47:48 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/6/2013 5:47:54 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/6/2013 7:02:30 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 8/6/2013 7:02:33 AM | Computer Name = Kodiak | Source = NvStreamSvc | ID = 131073
Description =
 
[ System Events ]
Error - 7/19/2013 12:53:50 PM | Computer Name = Kodiak | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter
 WDDM1.2 - Intel® HD Graphics.
 
Error - 7/19/2013 12:56:23 PM | Computer Name = Kodiak | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter
 WDDM1.2 - Intel® HD Graphics.
 
Error - 7/19/2013 4:44:00 PM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/20/2013 3:38:57 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/23/2013 7:09:40 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/27/2013 8:59:19 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/29/2013 4:47:15 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/30/2013 10:16:13 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 7/31/2013 4:08:44 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 7/31/2013 4:08:44 AM | Computer Name = Kodiak | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
 
< End of report >


 


Note: Please do not run this tool without the special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed, it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

ComboFix 13-08-09.02 - Kodi 08/10/2013  20:44:09.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3968.2759 [GMT 8:00]
Running from: c:\users\Kodi\Downloads\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-10 to 2013-08-10  )))))))))))))))))))))))))))))))
.
.
2013-08-10 09:51 . 2013-07-01 17:34    9460976    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{9034D71C-D2AC-4ACB-AC0A-68E75936B083}\mpengine.dll
2013-08-05 14:59 . 2013-08-05 14:59    --------    d-----w-    c:\windows\SysWow64\NV
2013-08-05 14:59 . 2013-08-05 14:59    --------    d-----w-    c:\windows\system32\NV
2013-08-05 14:53 . 2013-08-05 14:53    --------    d-----w-    c:\windows\LastGood.Tmp
2013-08-05 14:36 . 2013-08-05 14:36    --------    d-----w-    C:\NvidiaLogging
2013-08-05 14:35 . 2013-05-14 19:28    39712    ----a-w-    c:\windows\system32\drivers\nvvad64v.sys
2013-08-05 14:35 . 2013-05-14 19:27    29984    ----a-w-    c:\windows\system32\nvaudcap64v.dll
2013-08-05 14:35 . 2013-05-14 19:27    28448    ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll
2013-08-05 12:13 . 2013-08-05 12:13    --------    d-----w-    c:\programdata\Malwarebytes
2013-08-05 12:13 . 2013-08-05 12:13    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-05 12:13 . 2013-04-04 06:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-07-31 13:14 . 2013-08-10 11:31    280792    ----a-w-    c:\windows\SysWow64\PnkBstrB.xtr
2013-07-31 13:13 . 2013-07-31 13:13    --------    d-----w-    c:\program files (x86)\Microsoft Chart Controls
2013-07-31 13:12 . 2013-08-10 11:31    280792    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
2013-07-31 13:12 . 2013-08-10 11:30    280856    ----a-w-    c:\windows\SysWow64\PnkBstrB.ex0
2013-07-31 13:12 . 2013-07-31 13:15    76888    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
2013-07-28 08:58 . 2013-07-28 08:58    --------    d-----w-    c:\program files (x86)\Guild Wars 2
2013-07-25 15:19 . 2013-07-25 15:19    571168    ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2013-07-20 06:07 . 2013-07-20 06:07    --------    d--h--r-    c:\users\Public\AccountPictures
2013-07-19 19:39 . 2007-05-16 08:45    4496232    ----a-w-    c:\windows\system32\d3dx9_34.dll
2013-07-19 17:16 . 2010-05-26 03:41    1998168    ----a-w-    c:\windows\SysWow64\D3DX9_43.dll
2013-07-19 17:16 . 2010-02-04 02:01    22360    ----a-w-    c:\windows\SysWow64\X3DAudio1_7.dll
2013-07-19 17:16 . 2007-04-04 10:53    81768    ----a-w-    c:\windows\SysWow64\xinput1_3.dll
2013-07-19 16:50 . 2013-07-19 16:51    --------    d-----w-    c:\windows\system32\MRT
2013-07-19 16:36 . 2013-06-21 05:04    19187712    ----a-w-    c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-19 16:36 . 2013-06-21 04:46    18523648    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-19 16:26 . 2013-07-19 16:26    --------    d-----w-    c:\program files (x86)\AGEIA Technologies
2013-07-19 16:24 . 2013-06-16 12:38    31520    ----a-w-    c:\windows\system32\nvhdap64.dll
2013-07-19 16:24 . 2013-06-16 12:38    196384    ----a-w-    c:\windows\system32\drivers\nvhda64v.sys
2013-07-19 16:23 . 2013-07-26 06:09    387536    ----a-w-    c:\windows\system32\nvinitx.dll
2013-07-19 16:23 . 2013-07-26 06:09    326224    ----a-w-    c:\windows\SysWow64\nvinit.dll
2013-07-19 16:23 . 2013-07-26 06:09    1223336    ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2013-07-19 16:23 . 2013-07-14 01:17    1882912    ----a-w-    c:\windows\system32\nvdispco6432619.dll
2013-07-19 16:23 . 2013-07-14 01:17    1511712    ----a-w-    c:\windows\system32\nvdispgenco6432619.dll
2013-07-19 16:22 . 2013-07-19 16:22    --------    d-----w-    C:\NVIDIA
2013-07-19 15:59 . 2013-05-15 22:35    144384    ----a-w-    c:\windows\system32\tssdisai.dll
2013-07-19 15:59 . 2012-11-10 04:22    122880    ----a-w-    c:\windows\system32\VmHostAI.dll
2013-07-19 15:59 . 2012-11-10 04:22    126976    ----a-w-    c:\windows\system32\RDWebAI.dll
2013-07-19 15:59 . 2012-11-10 04:20    135680    ----a-w-    c:\windows\system32\appserverai.dll
2013-07-19 15:59 . 2012-11-10 04:23    132608    ----a-w-    c:\windows\SysWow64\poqexec.exe
2013-07-19 15:59 . 2012-11-10 04:23    148480    ----a-w-    c:\windows\system32\poqexec.exe
2013-07-19 15:57 . 2013-07-19 15:57    --------    d-----w-    c:\program files (x86)\Razer
2013-07-19 15:32 . 2013-05-02 15:29    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-07-19 15:32 . 2013-07-31 12:59    --------    d-----w-    c:\program files (x86)\Common Files\Steam
2013-07-19 15:32 . 2013-08-10 12:41    --------    d-----w-    c:\program files (x86)\Steam
2013-07-19 15:30 . 2013-04-11 04:12    1413632    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-19 15:29 . 2013-03-02 08:23    195072    ----a-w-    c:\program files (x86)\Windows NT\Accessories\WordpadFilter.dll
2013-07-19 15:29 . 2013-03-02 08:23    100864    ----a-w-    c:\windows\SysWow64\SettingSyncInfo.dll
2013-07-19 15:29 . 2013-03-02 08:21    36352    ----a-w-    c:\windows\SysWow64\DevDispItemProvider.dll
2013-07-19 15:29 . 2013-03-02 02:45    71168    ----a-w-    c:\windows\system32\WSDPrintProxy.DLL
2013-07-19 15:29 . 2013-03-02 02:45    235008    ----a-w-    c:\program files\Windows NT\Accessories\WordpadFilter.dll
2013-07-19 15:29 . 2013-03-02 02:44    128512    ----a-w-    c:\windows\system32\SettingSyncInfo.dll
2013-07-19 15:29 . 2013-03-02 02:44    49152    ----a-w-    c:\windows\system32\DevDispItemProvider.dll
2013-07-19 15:29 . 2013-03-02 02:15    26112    ----a-w-    c:\windows\system32\drivers\mouhid.sys
2013-07-19 15:29 . 2013-03-01 04:56    30720    ----a-w-    c:\windows\system32\drivers\monitor.sys
2013-07-19 15:29 . 2013-05-23 23:01    1300992    ----a-w-    c:\windows\system32\gdi32.dll
2013-07-19 15:29 . 2013-05-23 22:27    1022464    ----a-w-    c:\windows\SysWow64\gdi32.dll
2013-07-19 15:29 . 2013-04-11 22:30    1421312    ----a-w-    c:\windows\SysWow64\DWrite.dll
2013-07-19 15:29 . 2013-04-11 22:22    1838080    ----a-w-    c:\windows\system32\DWrite.dll
2013-07-19 15:27 . 2013-05-04 06:59    2842112    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-07-19 15:27 . 2013-05-04 04:57    2620928    ----a-w-    c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 15:24 . 2012-10-24 03:25    26624    ----a-w-    c:\windows\system32\ReAgentc.exe
2013-07-19 15:24 . 2012-10-24 02:48    24064    ----a-w-    c:\windows\SysWow64\ReAgentc.exe
2013-07-19 15:24 . 2013-03-22 03:49    2382336    ----a-w-    c:\windows\SysWow64\esent.dll
2013-07-19 15:24 . 2013-03-02 08:23    375808    ----a-w-    c:\windows\SysWow64\ReAgent.dll
2013-07-19 15:24 . 2013-03-02 02:44    1011200    ----a-w-    c:\windows\system32\reseteng.dll
2013-07-19 15:24 . 2013-03-21 22:47    2851840    ----a-w-    c:\windows\system32\esent.dll
2013-07-19 15:16 . 2013-07-19 15:16    17536    ----a-w-    c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-19 15:13 . 2013-07-19 15:32    --------    d-----w-    c:\users\Kodi
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 06:09 . 2013-06-11 12:32    15898352    ----a-w-    c:\windows\system32\nvwgf2umx.dll
2013-07-26 06:09 . 2013-06-11 12:32    1412832    ----a-w-    c:\windows\system32\nvumdshimx.dll
2013-07-26 06:09 . 2013-06-11 12:32    13626160    ----a-w-    c:\windows\SysWow64\nvwgf2um.dll
2013-07-26 06:09 . 2013-06-11 12:32    15701128    ----a-w-    c:\windows\system32\nvd3dumx.dll
2013-07-26 06:09 . 2013-06-11 12:32    12944800    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2013-07-26 06:09 . 2013-06-11 12:32    2986160    ----a-w-    c:\windows\system32\nvapi64.dll
2013-07-26 06:09 . 2013-06-11 12:32    2630304    ----a-w-    c:\windows\SysWow64\nvapi.dll
2013-07-26 04:59 . 2013-06-11 11:58    6601504    ----a-w-    c:\windows\system32\nvcpl.dll
2013-07-26 04:59 . 2013-06-11 11:58    3452704    ----a-w-    c:\windows\system32\nvsvc64.dll
2013-07-26 04:59 . 2013-06-11 11:58    920864    ----a-w-    c:\windows\system32\nvvsvc.exe
2013-07-26 04:59 . 2013-06-11 11:58    63776    ----a-w-    c:\windows\system32\nvshext.dll
2013-07-26 04:59 . 2013-06-11 11:58    219424    ----a-w-    c:\windows\system32\nvmctray.dll
2013-07-22 19:12 . 2013-06-11 11:58    3282455    ----a-w-    c:\windows\system32\nvcoproc.bin
2013-07-19 15:13 . 2012-07-26 08:13    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-27 22:04 . 2012-07-26 08:14    78200    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14    693112    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 12:51 . 2013-06-11 12:51    9216    ----a-w-    c:\windows\system32\dpnhupnp.dll
2013-06-11 12:51 . 2013-06-11 12:51    9216    ----a-w-    c:\windows\system32\dpnhpast.dll
2013-06-11 12:51 . 2013-06-11 12:51    8192    ----a-w-    c:\windows\SysWow64\dpnhupnp.dll
2013-06-11 12:51 . 2013-06-11 12:51    8192    ----a-w-    c:\windows\SysWow64\dpnhpast.dll
2013-06-11 12:51 . 2013-06-11 12:51    67584    ----a-w-    c:\windows\system32\dpnathlp.dll
2013-06-11 12:51 . 2013-06-11 12:51    58880    ----a-w-    c:\windows\SysWow64\dpnathlp.dll
2013-06-11 12:51 . 2013-06-11 12:51    463872    ----a-w-    c:\windows\system32\dpnet.dll
2013-06-11 12:51 . 2013-06-11 12:51    4096    ----a-w-    c:\windows\system32\dpnlobby.dll
2013-06-11 12:51 . 2013-06-11 12:51    375808    ----a-w-    c:\windows\SysWow64\dpnet.dll
2013-06-11 12:51 . 2013-06-11 12:51    3584    ----a-w-    c:\windows\system32\dpnaddr.dll
2013-06-11 12:51 . 2013-06-11 12:51    34816    ----a-w-    c:\windows\system32\dpnsvr.exe
2013-06-11 12:51 . 2013-06-11 12:51    32256    ----a-w-    c:\windows\SysWow64\dpnsvr.exe
2013-06-11 12:51 . 2013-06-11 12:51    3072    ----a-w-    c:\windows\SysWow64\dpnlobby.dll
2013-06-11 12:51 . 2013-06-11 12:51    2560    ----a-w-    c:\windows\SysWow64\dpnaddr.dll
2013-06-11 12:51 . 2013-06-11 12:51    94208    ----a-w-    c:\windows\system32\synceng.dll
2013-06-11 12:51 . 2013-06-11 12:51    72192    ----a-w-    c:\windows\SysWow64\synceng.dll
2013-06-11 12:51 . 2013-06-11 12:51    68608    ----a-w-    c:\windows\system32\wwanprotdim.dll
2013-06-11 12:51 . 2013-06-11 12:51    2361344    ----a-w-    c:\windows\system32\msxml6.dll
2013-06-11 12:51 . 2013-06-11 12:51    2048    ----a-w-    c:\windows\SysWow64\msxml6r.dll
2013-06-11 12:51 . 2013-06-11 12:51    2048    ----a-w-    c:\windows\SysWow64\msxml3r.dll
2013-06-11 12:51 . 2013-06-11 12:51    2048    ----a-w-    c:\windows\system32\msxml6r.dll
2013-06-11 12:51 . 2013-06-11 12:51    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2013-06-11 12:51 . 2013-06-11 12:51    1836032    ----a-w-    c:\windows\system32\msxml3.dll
2013-06-11 12:51 . 2013-06-11 12:51    1802240    ----a-w-    c:\windows\SysWow64\msxml6.dll
2013-06-11 12:51 . 2013-06-11 12:51    1438720    ----a-w-    c:\windows\SysWow64\msxml3.dll
2013-06-11 12:51 . 2013-06-11 12:51    99328    ----a-w-    c:\windows\system32\wushareduxresources.dll
2013-06-11 12:51 . 2013-06-11 12:51    18432    ----a-w-    c:\windows\SysWow64\wups.dll
2013-06-11 12:51 . 2013-06-11 12:51    17408    ----a-w-    c:\windows\system32\wuaext.dll
2013-06-11 12:51 . 2013-06-11 12:51    8552448    ----a-w-    c:\windows\SysWow64\glcndFilter.dll
2013-06-11 12:51 . 2013-06-11 12:51    522640    ----a-w-    c:\windows\system32\AUDIOKSE.dll
2013-06-11 12:51 . 2013-06-11 12:51    463768    ----a-w-    c:\windows\SysWow64\AUDIOKSE.dll
2013-06-11 12:51 . 2013-06-11 12:51    314880    ----a-w-    c:\windows\system32\rdpclip.exe
2013-06-11 12:51 . 2013-06-11 12:51    267264    ----a-w-    c:\windows\system32\EncDump.dll
2013-06-11 12:51 . 2013-06-11 12:51    11459584    ----a-w-    c:\windows\system32\glcndFilter.dll
2013-06-11 12:51 . 2013-06-11 12:51    516608    ----a-w-    c:\windows\SysWow64\winhttp.dll
2013-06-11 12:51 . 2013-06-11 12:51    212992    ----a-w-    c:\windows\system32\bthprops.cpl
2013-06-11 12:51 . 2013-06-11 12:51    189440    ----a-w-    c:\windows\SysWow64\bthprops.cpl
2013-06-11 12:51 . 2013-06-11 12:51    172032    ----a-w-    c:\windows\system32\MFCaptureEngine.dll
2013-06-11 12:51 . 2013-06-11 12:51    1566432    ----a-w-    c:\windows\system32\ole32.dll
2013-06-11 12:51 . 2013-06-11 12:51    126464    ----a-w-    c:\windows\SysWow64\MFCaptureEngine.dll
2013-06-11 12:51 . 2013-06-11 12:51    1150160    ----a-w-    c:\windows\SysWow64\ole32.dll
2013-06-11 12:51 . 2013-06-11 12:51    1037312    ----a-w-    c:\windows\system32\localspl.dll
2013-06-11 12:51 . 2013-06-11 12:51    9728    ----a-w-    c:\windows\SysWow64\wlanhlp.dll
2013-06-11 12:51 . 2013-06-11 12:51    9728    ----a-w-    c:\windows\system32\wlanhlp.dll
2013-06-11 12:51 . 2013-06-11 12:51    93696    ----a-w-    c:\windows\SysWow64\WcnApi.dll
2013-06-11 12:51 . 2013-06-11 12:51    883712    ----a-w-    c:\windows\HelpPane.exe
2013-06-11 12:51 . 2013-06-11 12:51    84992    ----a-w-    c:\windows\SysWow64\fdWCN.dll
2013-06-11 12:51 . 2013-06-11 12:51    470016    ----a-w-    c:\windows\system32\wlanmsm.dll
2013-06-11 12:51 . 2013-06-11 12:51    466944    ----a-w-    c:\windows\system32\wcncsvc.dll
2013-06-11 12:51 . 2013-06-11 12:51    446464    ----a-w-    c:\windows\system32\wlansec.dll
2013-06-11 12:51 . 2013-06-11 12:51    386560    ----a-w-    c:\windows\SysWow64\wlanmsm.dll
2013-06-11 12:51 . 2013-06-11 12:51    375296    ----a-w-    c:\windows\SysWow64\wlansec.dll
2013-06-11 12:51 . 2013-06-11 12:51    30720    ----a-w-    c:\windows\system32\wfdprov.dll
2013-06-11 12:51 . 2013-06-11 12:51    273408    ----a-w-    c:\windows\system32\wlanapi.dll
2013-06-11 12:51 . 2013-06-11 12:51    27136    ----a-w-    c:\windows\system32\WcnEapPeerProxy.dll
2013-06-11 12:51 . 2013-06-11 12:51    26624    ----a-w-    c:\windows\system32\WcnEapAuthProxy.dll
2013-06-11 12:51 . 2013-06-11 12:51    25600    ----a-w-    c:\windows\SysWow64\wfdprov.dll
2013-06-11 12:51 . 2013-06-11 12:51    202240    ----a-w-    c:\windows\SysWow64\wlanapi.dll
2013-06-11 12:51 . 2013-06-11 12:51    1386496    ----a-w-    c:\windows\system32\wlansvc.dll
2013-06-11 12:51 . 2013-06-11 12:51    126976    ----a-w-    c:\windows\system32\WcnApi.dll
2013-06-11 12:51 . 2013-06-11 12:51    110080    ----a-w-    c:\windows\system32\dafWCN.dll
2013-06-11 12:51 . 2013-06-11 12:51    102400    ----a-w-    c:\windows\system32\fdWCN.dll
2013-06-11 12:51 . 2013-06-11 12:51    976384    ----a-w-    c:\windows\system32\KernelBase.dll
2013-06-11 12:51 . 2013-06-11 12:51    90624    ----a-w-    c:\windows\system32\drivers\amdk8.sys
2013-06-11 12:51 . 2013-06-11 12:51    89088    ----a-w-    c:\windows\system32\drivers\intelppm.sys
2013-06-11 12:51 . 2013-06-11 12:51    88064    ----a-w-    c:\windows\system32\drivers\amdppm.sys
2013-06-11 12:51 . 2013-06-11 12:51    87552    ----a-w-    c:\windows\system32\drivers\processr.sys
2013-06-11 12:51 . 2013-06-11 12:51    710656    ----a-w-    c:\windows\system32\winhttp.dll
2013-06-11 12:51 . 2013-06-11 12:51    665600    ----a-w-    c:\windows\SysWow64\KernelBase.dll
2013-06-11 12:51 . 2013-06-11 12:51    560640    ----a-w-    c:\windows\system32\drivers\afd.sys
2013-06-11 12:51 . 2013-06-11 12:51    277736    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
2013-06-11 12:51 . 2013-06-11 12:51    22528    ----a-w-    c:\windows\system32\drivers\fxppm.sys
2013-06-11 12:51 . 2013-06-11 12:51    16384    ----a-w-    c:\windows\system32\iscsilog.dll
2013-06-11 12:51 . 2013-06-11 12:51    754176    ----a-w-    c:\windows\SysWow64\actxprxy.dll
2013-06-11 12:51 . 2013-06-11 12:51    929792    ----a-w-    c:\windows\SysWow64\mfnetsrc.dll
2013-06-11 12:51 . 2013-06-11 12:51    677888    ----a-w-    c:\windows\system32\mfnetcore.dll
2013-06-11 12:51 . 2013-06-11 12:51    673280    ----a-w-    c:\windows\system32\mfmpeg2srcsnk.dll
2013-06-11 12:51 . 2013-06-11 12:51    568832    ----a-w-    c:\windows\SysWow64\mfnetcore.dll
2013-06-11 12:51 . 2013-06-11 12:51    513024    ----a-w-    c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-06-11 12:51 . 2013-06-11 12:51    370688    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2013-06-11 12:51 . 2013-06-11 12:51    215552    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2013-06-11 12:51 . 2013-06-11 12:51    1172992    ----a-w-    c:\windows\system32\mfnetsrc.dll
2013-06-11 12:51 . 2013-06-11 12:51    86016    ----a-w-    c:\windows\system32\ncryptsslp.dll
2013-06-11 12:51 . 2013-06-11 12:51    71168    ----a-w-    c:\windows\SysWow64\ncryptsslp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-07-19 133440]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorSysTray.exe" [2012-12-21 980504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\System32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;c:\windows\System32\drivers\xusb22.sys;c:\windows\SYSNATIVE\drivers\xusb22.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell Backup and Recovery\SftService.exe;c:\program files (x86)\Dell Backup and Recovery\SftService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
S3 imperator2;Razer Imperator Driver;c:\windows\System32\drivers\imperator2.sys;c:\windows\SYSNATIVE\drivers\imperator2.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-19 15:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-03-29 883840]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2012-06-13 1647616]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-05 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-05 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-05 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 202.65.242.50 202.65.242.46 192.168.1.1
FF - ProfilePath - c:\users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\
FF - ExtSQL: 2013-07-19 23:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\b5bsf214.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-08-10  20:49:35
ComboFix-quarantined-files.txt  2013-08-10 12:49
.
Pre-Run: 805,640,720,384 bytes free
Post-Run: 805,716,246,528 bytes free
.
- - End Of File - - C5D99D95C398CB60A96BAA32B5FE3F2B
D41D8CD98F00B204E9800998ECF8427E
 


Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.exe icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

No, I couldn't find any traces of malware.

Step 1

Please run OTL and click on the CleanUp button.

Step 2

Please uninstall ESET Online Scanner.

Step 3

Future malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.