frozengamer Posted May 21, 2013 ID:682261 Share Posted May 21, 2013 I just noticed this morning that one in 5 of my clicks was sending me to random sites. I have ran the following software prior to this post. - super antispyware - MalwareBytes - Microsoft Security Essentials - HiJackthis - and now spybot search and destroy. I had installed a few giveaway of the day programs, i suspect this one may have been the culprit - http://www.giveawayo...y+of+the+Day%29 - the top line in feedback says its blacklisted by malwarebytes.I will attach the corrupted hosts file as well as others requested by pinned subjects. I replaced the hosts already and it hasn't gone back to corrupted yet.On a deep scan with superantyspyware one of my desura dlls (legally purchased games) showed as kazy.gen but really nothing has shown up on all the scans so far.Last, i am on a network with many computers so there is a possiblity that other computers out of my control may be compromised.Please advise and thanks for your assistance. PS this is my first post here so please let me know if i did something wrong or forgot something obvious.HiJack this logLogfile of Trend Micro HijackThis v2.0.5Scan saved at 12:13:17 PM, on 5/21/2013Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v10.0 (10.00.9200.16576)FIREFOX: 20.0.1 (en-US)Boot mode: NormalRunning processes:C:\Program Files (x86)\Everything\Everything.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\AnVir Task Manager\anvir.exeC:\Windows\System32\PrintDisp.exeC:\Program Files (x86)\Rainlendar2\Rainlendar2.exeC:\Users\Chris\Local Settings\Apps\F.lux\flux.exeC:\hotkeyp\HotkeyP.exeC:\Program Files (x86)\Origin\Origin.exeI:\Steam\Steam.exeC:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exeC:\Program Files\CrashPlan\CrashPlanTray.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Windows\SSDriver\fi5110\SsWiaChecker.exeC:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exeC:\Program Files (x86)\PDF24\pdf24.exeC:\Program Files (x86)\Secunia\PSI\psi_tray.exeC:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeC:\Program Files (x86)\GameStop App\Now\GameStopNow.exeC:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exeC:\Program Files (x86)\Desura\desura.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeC:\Program Files (x86)\jane\jane.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Winamp\winamp.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeF:\Downloads\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: SoundFrost - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\PROGRA~2\SOUNDF~1\SOUNDF~1.DLLO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLLO2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: Fantapper - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllO2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLLO2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /sO4 - HKLM\..\Run: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exeO4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exeO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeO4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exeO4 - HKCU\..\Run: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exeO4 - HKCU\..\Run: [F.lux] "C:\Users\Chris\Local Settings\Apps\F.lux\flux.exe" /noshowO4 - HKCU\..\Run: [HotkeyP] C:\hotkeyp\HotkeyP.exe 0O4 - HKCU\..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostartO4 - HKCU\..\Run: [GOG.com Downloader] C:\Program Files (x86)\GOG.com\GOG.com Downloader.exe -autostartO4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStartO4 - HKCU\..\Run: [steam] "I:\Steam\steam.exe" -silentO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: Dropbox.lnk = Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeO4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeO4 - Startup: GameStop Now.lnk = C:\Program Files (x86)\GameStop App\Now\GameStopNow.exeO4 - Global Startup: CardMinder Viewer.lnk = ?O4 - Global Startup: Conversion to PDF with ScanSnap Organizer.lnk = ?O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exeO4 - Global Startup: ScanSnap Manager.lnk = ?O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: LastPass - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=lastpassO8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=fillformsO8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlO8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dllO9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra button: Fantapper - {AB745E88-1BAD-4B80-A83E-7C964EAC9804} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll (HKCU)O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXEO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exeO23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Fantapper Player Update Service (FTSvc) - Brand Affinity Technologies - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\FantapperUpdateService.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exeO23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exeO23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exeO23 - Service: TomTomHOMEService - TomTom - d:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)DDS.txtDDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2Run by Chris at 12:21:03 on 2013-05-21Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16360.11463 [GMT -8:00].AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\Sandboxie\SbieSvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CrashPlan\CrashPlanService.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\PrintCtrl.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exed:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\PrintDisp.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Everything\Everything.exeC:\Windows\system32\taskeng.exeC:\Program Files\Process Lasso\processgovernor.exeC:\Program Files\Process Lasso\processlasso.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\AnVir Task Manager\anvir.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\PrintDisp.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\Secunia\PSI\sua.exeC:\Program Files\Logitech Gaming Software\LCore.exeC:\Program Files\Shadow Defender\DefenderDaemon.exeC:\Program Files (x86)\Rainlendar2\Rainlendar2.exeC:\Users\Chris\Local Settings\Apps\F.lux\flux.exeC:\hotkeyp\HotkeyP.exeC:\Program Files (x86)\Origin\Origin.exeI:\Steam\Steam.exeC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXEC:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exeC:\Program Files\CrashPlan\CrashPlanTray.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Windows\SSDriver\fi5110\SsWiaChecker.exeC:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exeC:\Program Files (x86)\PDF24\pdf24.exeC:\Program Files (x86)\Secunia\PSI\psi_tray.exeC:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\GameStop App\Now\GameStopNow.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exeC:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exeC:\Program Files\Logitech Gaming Software\Applets\LCDClock.exeC:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exeC:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\Desura\desura.exeC:\Program Files (x86)\Common Files\Desura\desura_service.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeC:\Program Files (x86)\jane\jane.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Users\Chris\Desktop\MultiDesk\MultiDesk64.exeC:\Program Files (x86)\Winamp\winamp.exeC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\system32\taskhost.exeF:\Downloads\HijackThis.exeC:\Windows\SysWOW64\NOTEPAD.EXEC:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exeC:\Windows\SysWOW64\hh.exeC:\Program Files\Microsoft Security Client\MpCmdRun.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/mWinlogon: Userinit = userinit.exeBHO: SoundFrost: {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\Program Files (x86)\SoundFrost\SoundFrost.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Fantapper: {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllBHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dlluRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exeuRun: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [superCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exeuRun: [F.lux] "C:\Users\Chris\Local Settings\Apps\F.lux\flux.exe" /noshowuRun: [HotkeyP] C:\hotkeyp\HotkeyP.exe 0uRun: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostartuRun: [GOG.com Downloader] C:\Program Files (x86)\GOG.com\GOG.com Downloader.exe -autostartuRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStartuRun: [steam] "I:\Steam\steam.exe" -silentuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exemRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /smRun: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exemRun: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeStartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeStartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CARDMI~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONVER~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0IE: E&xport to Microsoft Excel - C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000IE: LastPass - C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=lastpassIE: LastPass Fill Forms - C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=fillformsIE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlIE: Se&nd to OneNote - C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabTCP: NameServer = 192.168.1.1TCP: Interfaces\{2F2D49D1-222D-43C8-8DC9-7F36834F344F} : DHCPNameServer = 192.168.1.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServicesx64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrunx64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Run: [PrintDisp] C:\Windows\System32\PrintDisp.exex64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimizedx64-Run: [shadow Defender Daemon] "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Autox64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cabx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - about:homeFF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dllFF - plugin: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: C:\Users\Chris\AppData\Local\Roblox\Versions\version-d2e4e6e567c64738\NPRobloxProxy.dllFF - plugin: C:\Users\Chris\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dllFF - plugin: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\System32\Wat\npWatWeb.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-04-20 17:22; {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}.============= SERVICES / DRIVERS ===============.R0 diskpt;diskpt;C:\Windows\System32\drivers\diskpt.sys [2013-5-1 263912]R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2012-1-19 133728]R0 hotcore3;hc3ServiceName;C:\Windows\System32\drivers\hotcore3.sys [2012-1-13 39728]R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2012-11-27 647736]R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-11-27 28216]R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-21 303408]R0 vidsflt61;Acronis Disk Storage Filter (61);C:\Windows\System32\drivers\vsflt61.sys [2012-1-19 142944]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\drivers\uim_vimx64.sys [2011-11-14 352816]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-16 241152]R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-1-12 21992]R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2011-3-16 222720]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-15 14904]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-21 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-21 701512]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]R2 Printer Control;Printer Control;C:\Windows\System32\PrintCtrl.exe [2012-9-5 78848]R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-18 3574624]R2 TomTomHOMEService;TomTomHOMEService;D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-1-22 92592]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]R3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-3-23 131912]R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-2-8 39936]R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-2-8 64512]R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-10-24 22408]R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-2 66360]R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-10-24 16008]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-21 25928]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-7 648808]R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-6-17 154752]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update --> C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [?]S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-5-21 1153368]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe --> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [?]S3 ampa;ampa;C:\Windows\System32\ampa.sys [2013-2-3 15288]S3 ddmdrv;ddmdrv;C:\Windows\System32\ddmdrv.sys [2013-2-3 15288]S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [2012-1-6 276256]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-2-11 17480]S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-2-11 9800]S3 FTSvc;Fantapper Player Update Service;C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\FantapperUpdateService.exe [2011-12-12 11776]S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]S3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\System32\drivers\ladfBakerCamd64.sys [2011-3-18 410184]S3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\System32\drivers\ladfBakerRamd64.sys [2011-3-18 335688]S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-10-24 410184]S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-10-24 341832]S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-20 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-20 34816]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-20 117248]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2011-12-19 117040]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-17 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2013-4-20 14544].=============== Created Last 30 ================.2013-05-21 20:16:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy2013-05-21 20:16:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy2013-05-21 16:27:21 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{891354E4-DC18-4235-A3BE-820F78AA4E00}\offreg.dll2013-05-21 16:08:57 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs2013-05-21 15:45:55 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-05-21 15:45:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-05-21 11:37:24 964552 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DD477897-6445-44E9-9B0D-DFEB567EB007}\gapaengine.dll2013-05-21 11:37:16 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{891354E4-DC18-4235-A3BE-820F78AA4E00}\mpengine.dll2013-05-21 02:48:10 -------- d-----w- C:\Fraps2013-05-21 01:03:18 -------- d-----w- C:\Users\Chris\AppData\Roaming\FairyBloomRe2013-05-20 19:56:32 -------- d-----w- C:\Users\Chris\AppData\Local\Activision2013-05-20 17:19:31 -------- d-----w- C:\Program Files (x86)\SoundFrost2013-05-20 11:36:29 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-05-19 01:42:12 -------- d-----w- C:\Users\Chris\AppData\Roaming\RIFT2013-05-15 07:10:54 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-05-14 04:33:06 -------- d-----w- C:\ProgramData\ManiaPlanet2013-05-13 19:48:09 -------- d-----w- C:\Program Files (x86)\AMD AVT2013-05-10 07:57:26 187456 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll2013-05-02 04:22:33 263912 ----a-w- C:\Windows\System32\drivers\diskpt.sys2013-05-02 04:22:31 -------- d-----w- C:\Program Files\Shadow Defender2013-04-24 12:49:09 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys.==================== Find3M ====================.2013-05-15 19:36:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-15 19:36:15 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-21 01:28:51 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-04-21 01:28:50 866720 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2013-04-21 01:28:50 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-04-21 01:22:54 0 ----a-w- C:\Windows\SysWow64\REN671D.tmp2013-04-21 01:22:54 0 ----a-w- C:\Windows\SysWow64\REN671C.tmp2013-04-21 01:22:54 0 ----a-w- C:\Windows\SysWow64\REN671B.tmp2013-04-20 20:39:44 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr2013-04-20 20:39:44 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2013-04-17 15:15:24 971680 ----a-w- C:\Windows\System32\deployJava1.dll2013-04-17 15:15:24 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll2013-04-16 14:54:06 78432 ----a-w- C:\Windows\System32\atimpc64.dll2013-04-16 14:54:06 78432 ----a-w- C:\Windows\System32\amdpcom64.dll2013-04-16 14:54:04 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll2013-04-16 14:54:04 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll2013-04-16 14:54:00 139696 ----a-w- C:\Windows\System32\atiuxp64.dll2013-04-16 14:54:00 118584 ----a-w- C:\Windows\SysWow64\atiuxpag.dll2013-04-16 14:53:58 92304 ----a-w- C:\Windows\SysWow64\atiu9pag.dll2013-04-16 14:53:58 112440 ----a-w- C:\Windows\System32\atiu9p64.dll2013-04-16 14:53:56 970912 ----a-w- C:\Windows\SysWow64\aticfx32.dll2013-04-16 14:53:56 1154240 ----a-w- C:\Windows\System32\aticfx64.dll2013-04-16 14:53:52 8322576 ----a-w- C:\Windows\System32\atidxx64.dll2013-04-16 14:53:50 7285360 ----a-w- C:\Windows\SysWow64\atidxx32.dll2013-04-16 14:53:44 4448216 ----a-w- C:\Windows\SysWow64\atiumdva.dll2013-04-16 14:53:42 5941680 ----a-w- C:\Windows\SysWow64\atiumdag.dll2013-04-16 14:53:36 4997736 ----a-w- C:\Windows\System32\atiumd6a.dll2013-04-16 14:53:34 6983040 ----a-w- C:\Windows\System32\atiumd64.dll2013-04-16 14:51:54 11653632 ----a-w- C:\Windows\System32\drivers\atikmdag.sys2013-04-16 14:37:26 222720 ----a-w- C:\Windows\System32\clinfo.exe2013-04-16 14:37:14 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe2013-04-16 14:37:14 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe2013-04-16 14:37:12 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe2013-04-16 14:37:12 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe2013-04-16 14:37:08 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll2013-04-16 14:37:04 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll2013-04-16 14:37:00 64000 ----a-w- C:\Windows\System32\OVDecode64.dll2013-04-16 14:36:56 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll2013-04-16 14:36:48 29150208 ----a-w- C:\Windows\System32\amdocl64.dll2013-04-16 14:35:38 23593984 ----a-w- C:\Windows\System32\atio6axx.dll2013-04-16 14:34:54 23810560 ----a-w- C:\Windows\SysWow64\amdocl.dll2013-04-16 14:33:10 54784 ----a-w- C:\Windows\System32\OpenCL.dll2013-04-16 14:33:06 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll2013-04-16 14:27:18 163840 ----a-w- C:\Windows\System32\atiapfxx.exe2013-04-16 14:24:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll2013-04-16 14:24:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll2013-04-16 14:24:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll2013-04-16 14:24:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll2013-04-16 14:24:26 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll2013-04-16 14:24:04 76800 ----a-w- C:\Windows\System32\coinst_12.102.3.dll2013-04-16 14:20:04 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll2013-04-16 14:16:32 19772416 ----a-w- C:\Windows\SysWow64\atioglxx.dll2013-04-16 14:03:02 442368 ----a-w- C:\Windows\System32\atidemgy.dll2013-04-16 14:02:48 562688 ----a-w- C:\Windows\System32\atieclxx.exe2013-04-16 14:01:58 241152 ----a-w- C:\Windows\System32\atiesrxx.exe2013-04-16 14:00:30 120320 ----a-w- C:\Windows\System32\atitmm64.dll2013-04-16 14:00:14 26112 ----a-w- C:\Windows\System32\atimuixx.dll2013-04-16 14:00:10 59392 ----a-w- C:\Windows\System32\atiedu64.dll2013-04-16 14:00:04 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll2013-04-16 13:36:12 635392 ----a-w- C:\Windows\System32\atiadlxx.dll2013-04-16 13:36:00 430080 ----a-w- C:\Windows\SysWow64\atiadlxy.dll2013-04-16 13:35:46 17920 ----a-w- C:\Windows\System32\atig6pxx.dll2013-04-16 13:35:42 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll2013-04-16 13:35:42 14848 ----a-w- C:\Windows\System32\atiglpxx.dll2013-04-16 13:35:38 44032 ----a-w- C:\Windows\System32\atig6txx.dll2013-04-16 13:35:30 34816 ----a-w- C:\Windows\SysWow64\atigktxx.dll2013-04-16 13:35:20 581120 ----a-w- C:\Windows\System32\drivers\atikmpag.sys2013-04-16 13:35:00 79360 ----a-w- C:\Windows\System32\amdave64.dll2013-04-16 13:34:54 78336 ----a-w- C:\Windows\SysWow64\amdave32.dll2013-04-16 13:34:42 74240 ----a-w- C:\Windows\System32\atisamu64.dll2013-04-16 13:34:36 71168 ----a-w- C:\Windows\SysWow64\atisamu32.dll2013-04-16 13:31:20 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll2013-04-12 19:41:58 237840 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys2013-04-12 19:41:28 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys2013-04-12 19:40:18 146704 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys2013-04-12 19:40:18 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys2013-04-12 19:40:16 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe.============= FINISH: 12:21:12.66 =============== Link to post Share on other sites More sharing options...
frozengamer Posted May 21, 2013 Author ID:682262 Share Posted May 21, 2013 Last - My HOSTS file - which as you can see is quite interesting 127.0.0.1 00aaf101a7.gougava.asia # hosts anti-adware / pups127.0.0.1 08sr.combineads.info # hosts anti-adware / pups127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups127.0.0.1 1a2e115593.efacen.pro # hosts anti-adware / pups127.0.0.1 1f1.fr # hosts anti-adware / pups127.0.0.1 1facebookhackeronline.blogspot.no # hosts anti-adware / pups127.0.0.1 2010-fr.com # hosts anti-adware / pups127.0.0.1 2012-new.biz # hosts anti-adware / pups127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups127.0.0.1 24h00business.com # hosts anti-adware / pups127.0.0.1 33black.porn-quest.net # hosts anti-adware / pups127.0.0.1 4672ee0bc8.laibritec.waw.pl # hosts anti-adware / pups127.0.0.1 4990usd.com # hosts anti-adware / pups127.0.0.1 4xp.com # hosts anti-adware / pups127.0.0.1 74.80.131.123 # hosts anti-adware / pups127.0.0.1 78031d2298.tradorad.waw.pl # hosts anti-adware / pups127.0.0.1 80323fcc6e.starsogor.waw.pl # hosts anti-adware / pups127.0.0.1 888.rahon.org # hosts anti-adware / pups127.0.0.1 8e47c22037.temavi.pro # hosts anti-adware / pups127.0.0.1 94eb028571.eimeefiewe.pisz.pl # hosts anti-adware / pups127.0.0.1 96910cbcd4.nicero.pro # hosts anti-adware / pups127.0.0.1 96fb625592.tysofque.waw.pl:82 # hosts anti-adware / pups127.0.0.1 98eu.info # hosts anti-adware / pups127.0.0.1 ack.cdnperformance.info # hosts anti-adware / pups127.0.0.1 acking.conversionads.com # hosts anti-adware / pups127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups127.0.0.1 ad.adn360.com # hosts anti-adware / pups127.0.0.1 adeartss.eu # hosts anti-adware / pups127.0.0.1 adesoeasy.eu # hosts anti-adware / pups127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups127.0.0.1 ads.aff.co # hosts anti-adware / pups127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups127.0.0.1 ads.eorezo.com # hosts anti-adware / pups127.0.0.1 ads.hooqy.com # hosts anti-adware / pups127.0.0.1 ads.icksor.com # hosts anti-adware / pups127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups127.0.0.1 ads.tersecta.com # hosts anti-adware / pups127.0.0.1 aduatnight.com # hosts anti-adware / pups127.0.0.1 adultatnight.com # hosts anti-adware / pups127.0.0.1 adultsextools.com # hosts anti-adware / pups127.0.0.1 a.dungtank.com # hosts anti-adware / pups127.0.0.1 adwareale.com # hosts anti-adware / pups127.0.0.1 aff.foxtab.com # hosts anti-adware / pups127.0.0.1 affilibot.eu # hosts anti-adware / pups127.0.0.1 afhhhfegd.co.cc # hosts anti-adware / pups127.0.0.1 afhhhfegd.co. # hosts anti-adware / pups127.0.0.1 afoula.biz # hosts anti-adware / pups127.0.0.1 agence-exusive.com # hosts anti-adware / pups127.0.0.1 a.juiceknowledge.com # hosts anti-adware / pups127.0.0.1 ak.imgfa.com # hosts anti-adware / pups127.0.0.1 ak.imgfarm.com # hosts anti-adware / pups127.0.0.1 amaranth-plant.ru # hosts anti-adware / pups127.0.0.1 antivirusgratuit.vg # hosts anti-adware / pups127.0.0.1 antivirus.nouvee-version.net # hosts anti-adware / pups127.0.0.1 anygadget.info # hosts anti-adware / pups127.0.0.1 api.downloadmr.com # hosts anti-adware / pups127.0.0.1 api.yontoo.com # hosts anti-adware / pups127.0.0.1 apnmedia.ask.com # hosts anti-adware / pups127.0.0.1 application-eor.net # hosts anti-adware / pups127.0.0.1 application-error.net # hosts anti-adware / pups127.0.0.1 app.media-app.com # hosts anti-adware / pups127.0.0.1 app.offerbox.com # hosts anti-adware / pups127.0.0.1 app.softimizer.com # hosts anti-adware / pups127.0.0.1 app.wideseam6.com # hosts anti-adware / pups127.0.0.1 argentastuce.com # hosts anti-adware / pups127.0.0.1 argent-avail-domicile.fr # hosts anti-adware / pups127.0.0.1 argent-domicile.eu # hosts anti-adware / pups127.0.0.1 argent-vital.com # hosts anti-adware / pups127.0.0.1 ascentive.com # hosts anti-adware / pups127.0.0.1 atelecharger.info # hosts anti-adware / pups127.0.0.1 augmentersesrevenus.pyie.com # hosts anti-adware / pups127.0.0.1 auto-webcash.com # hosts anti-adware / pups127.0.0.1 avaaffic.com # hosts anti-adware / pups127.0.0.1 availchezsoi.onlc.fr # hosts anti-adware / pups127.0.0.1 avail-d-equipe.com # hosts anti-adware / pups127.0.0.1 availleur-a-domicile.com # hosts anti-adware / pups127.0.0.1 avigora.com # hosts anti-adware / pups127.0.0.1 avs4you.com # hosts anti-adware / pups127.0.0.1 bababiz.com # hosts anti-adware / pups127.0.0.1 badusoft.com # hosts anti-adware / pups127.0.0.1 banner.kuliyev.com # hosts anti-adware / pups127.0.0.1 b.bestofmedia.com # hosts anti-adware / pups127.0.0.1 be2.fr # hosts anti-adware / pups127.0.0.1 bestflvplayer.net # hosts anti-adware / pups127.0.0.1 bfd34af056e54c8abcb9dd50862f0b9b.integration.download.conduit-services.com # hosts anti-adware / pups127.0.0.1 bidfun.fr # hosts anti-adware / pups127.0.0.1 bisexywoman.biz # hosts anti-adware / pups127.0.0.1 b.juiceknowledge.com # hosts anti-adware / pups127.0.0.1 blacksxxx.org # hosts anti-adware / pups127.0.0.1 blog.upoharbd.com # hosts anti-adware / pups127.0.0.1 boolu.springjapan.info # hosts anti-adware / pups127.0.0.1 boostersonpc.com # hosts anti-adware / pups127.0.0.1 buzz-france.info # hosts anti-adware / pups127.0.0.1 byteseeder.com # hosts anti-adware / pups127.0.0.1 c756514600.phailifaiy.nysa.pl # hosts anti-adware / pups127.0.0.1 c8783b9ac3.ebafap.pro # hosts anti-adware / pups127.0.0.1 cache-download.real.com # hosts anti-adware / pups127.0.0.1 caefourinternet.com # hosts anti-adware / pups127.0.0.1 cash-avalanches.com # hosts anti-adware / pups127.0.0.1 cash-methodes.be # hosts anti-adware / pups127.0.0.1 cash-professor.com # hosts anti-adware / pups127.0.0.1 casinoonlinecash.org # hosts anti-adware / pups127.0.0.1 cdn.appround.biz # hosts anti-adware / pups127.0.0.1 cdn.bigspeedpro.com # hosts anti-adware / pups127.0.0.1 cdn.bispd.com # hosts anti-adware / pups127.0.0.1 cdn.bisrv.com # hosts anti-adware / pups127.0.0.1 cdn.download.sweetpacks.com # hosts anti-adware / pups127.0.0.1 cdneu.bestflvplayer.net # hosts anti-adware / pups127.0.0.1 cdneu.coolvideoconveer.com # hosts anti-adware / pups127.0.0.1 cdneu.coolvideoconverter.com # hosts anti-adware / pups127.0.0.1 cdneu.driverpackcdn.com # hosts anti-adware / pups127.0.0.1 cdneu.friedcookiescdn.com # hosts anti-adware / pups127.0.0.1 cdneu.onedownloadspot.com # hosts anti-adware / pups127.0.0.1 cdneu.telechargercdn.com # hosts anti-adware / pups127.0.0.1 cdn.guttastatdk.us # hosts anti-adware / pups127.0.0.1 cdn.inskinmedia.com # hosts anti-adware / pups127.0.0.1 cdn.insta.oibundles2.com # hosts anti-adware / pups127.0.0.1 cdn.insta.playbryte.com # hosts anti-adware / pups127.0.0.1 cdn.llogetfastcach.us # hosts anti-adware / pups127.0.0.1 cdn.montiera.com # hosts anti-adware / pups127.0.0.1 cdn.msdwnld.com # hosts anti-adware / pups127.0.0.1 cdn.shyapotato.us # hosts anti-adware / pups127.0.0.1 cdn.solimba.com # hosts anti-adware / pups127.0.0.1 cdn.tuto4pc.com # hosts anti-adware / pups127.0.0.1 cdnus.bestflvplayer.net # hosts anti-adware / pups127.0.0.1 cdnus.coolflvplayer.com # hosts anti-adware / pups127.0.0.1 cdnus.driverpackcdn.com # hosts anti-adware / pups127.0.0.1 cdnus.extrimdownloadmanager.com # hosts anti-adware / pups127.0.0.1 cdnus.ironcdn.com # hosts anti-adware / pups127.0.0.1 cdnus.onedownloadspot.com # hosts anti-adware / pups127.0.0.1 cdnus.telechargercdn.com # hosts anti-adware / pups127.0.0.1 c.download-best-softwares.com # hosts anti-adware / pups127.0.0.1 cen.incredibar.com # hosts anti-adware / pups127.0.0.1 centerblog.net # hosts anti-adware / pups127.0.0.1 cf1.vuze.com # hosts anti-adware / pups127.0.0.1 cfnmhdtube.net # hosts anti-adware / pups127.0.0.1 cfnmhdtube.org # hosts anti-adware / pups127.0.0.1 c-full.info # hosts anti-adware / pups127.0.0.1 checkmate121.com # hosts anti-adware / pups127.0.0.1 chevaux8.free.fr # hosts anti-adware / pups127.0.0.1 choiceadu.com # hosts anti-adware / pups127.0.0.1 choiceadult.com # hosts anti-adware / pups127.0.0.1 cia.mediahubaffiliates.biz # hosts anti-adware / pups127.0.0.1 clubcasino.biz # hosts anti-adware / pups127.0.0.1 c-mediaplayer-2010.com # hosts anti-adware / pups127.0.0.1 cms.distributionengine.conduit-services.com # hosts anti-adware / pups127.0.0.1 coachforlife.info # hosts anti-adware / pups127.0.0.1 commeneussir.com # hosts anti-adware / pups127.0.0.1 comment-gagner-argent-internet.fr # hosts anti-adware / pups127.0.0.1 content.sweetim.com # hosts anti-adware / pups127.0.0.1 couplefree.com # hosts anti-adware / pups127.0.0.1 cpafixadvertiser.info # hosts anti-adware / pups127.0.0.1 cp.tuguu.com # hosts anti-adware / pups127.0.0.1 crakkkus.tk # hosts anti-adware / pups127.0.0.1 crazyspandacasino.com # hosts anti-adware / pups127.0.0.1 create-ringtones.com # hosts anti-adware / pups127.0.0.1 cs.adxpansion.com # hosts anti-adware / pups127.0.0.1 c.vg # hosts anti-adware / pups127.0.0.1 d1m9ge5vns34so.oudfront.net # hosts anti-adware / pups127.0.0.1 d1w467en2eqqh2.oudfront.net # hosts anti-adware / pups127.0.0.1 d2qsma9t6l5kt7.oudfront.net # hosts anti-adware / pups127.0.0.1 d30p0quhwpvm.cloudfront.net # hosts anti-adware / pups127.0.0.1 d61.newplaysite.com # hosts anti-adware / pups127.0.0.1 d62.newplaysite.com # hosts anti-adware / pups127.0.0.1 d63.newplaysite.com # hosts anti-adware / pups127.0.0.1 d64.newplaysite.com # hosts anti-adware / pups127.0.0.1 d71.newplaysite.com # hosts anti-adware / pups127.0.0.1 d74.newplaysite.com # hosts anti-adware / pups127.0.0.1 dagence.com # hosts anti-adware / pups127.0.0.1 data.downloadstaer.net # hosts anti-adware / pups127.0.0.1 data.oa-software.com # hosts anti-adware / pups127.0.0.1 datefks.info # hosts anti-adware / pups127.0.0.1 dating-adult-sex.com # hosts anti-adware / pups127.0.0.1 dating-club.biz # hosts anti-adware / pups127.0.0.1 dating.marmaladepark.com # hosts anti-adware / pups127.0.0.1 datingpoland.com # hosts anti-adware / pups127.0.0.1 datingsitenow.com # hosts anti-adware / pups127.0.0.1 dating.voltesempre.org # hosts anti-adware / pups127.0.0.1 db.nordicx.net # hosts anti-adware / pups127.0.0.1 db.prepay-africa.com # hosts anti-adware / pups127.0.0.1 dde.integration.storage.conduit-services.com # hosts anti-adware / pups127.0.0.1 dec.pcvideosfreedownload.com # hosts anti-adware / pups127.0.0.1 delargenapide.canalblog.com # hosts anti-adware / pups127.0.0.1 delivery.afficbroker.com # hosts anti-adware / pups127.0.0.1 delta.goforfiles.com # hosts anti-adware / pups127.0.0.1 depanne-pc.com # hosts anti-adware / pups127.0.0.1 depanne-pc.info # hosts anti-adware / pups127.0.0.1 dereteweret.org # hosts anti-adware / pups127.0.0.1 dev.oud4pc.com # hosts anti-adware / pups127.0.0.1 dfast.us # hosts anti-adware / pups127.0.0.1 dfc.mediaformatconverter.com # hosts anti-adware / pups127.0.0.1 d.freevideosfordownload.com # hosts anti-adware / pups127.0.0.1 dfr.eorezo.com # hosts anti-adware / pups127.0.0.1 dhc.freewindowsmediaconverter.com # hosts anti-adware / pups127.0.0.1 direct.excellerater.com # hosts anti-adware / pups127.0.0.1 dl01.socdn.com # hosts anti-adware / pups127.0.0.1 dl6.iq7download.com # hosts anti-adware / pups127.0.0.1 dl.babylon.com # hosts anti-adware / pups127.0.0.1 dl.cdn-services.com # hosts anti-adware / pups127.0.0.1 dlfr.tuto4pc.com # hosts anti-adware / pups127.0.0.1 dl.instaiq.com # hosts anti-adware / pups127.0.0.1 dlmanager.net # hosts anti-adware / pups127.0.0.1 dl-plugin.com # hosts anti-adware / pups127.0.0.1 dls.nicdls.com # hosts anti-adware / pups127.0.0.1 dls.softgratuit.com # hosts anti-adware / pups127.0.0.1 dls.softlate.com # hosts anti-adware / pups127.0.0.1 dl.v2.domaiq.com # hosts anti-adware / pups127.0.0.1 dn.download-manage.com # hosts anti-adware / pups127.0.0.1 dnld.instacore.com # hosts anti-adware / pups127.0.0.1 dofus-kamas.net # hosts anti-adware / pups127.0.0.1 domaiq.com # hosts anti-adware / pups127.0.0.1 downlesoft.com # hosts anti-adware / pups127.0.0.1 download2.us # hosts anti-adware / pups127.0.0.1 downloadcdn.beerinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.betterinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.betterinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.filebulldog.com # hosts anti-adware / pups127.0.0.1 download.cdn.ftalk.com # hosts anti-adware / pups127.0.0.1 download.cdn.imesh.com # hosts anti-adware / pups127.0.0.1 download.cdn.koyotesoft.com # hosts anti-adware / pups127.0.0.1 download.cdnperfoance.info # hosts anti-adware / pups127.0.0.1 download.cdnperformance.info # hosts anti-adware / pups127.0.0.1 download.cdn.torchbrowser.com # hosts anti-adware / pups127.0.0.1 do-wn-lo-ad.com # hosts anti-adware / pups127.0.0.1 download.fr.filewin.com # hosts anti-adware / pups127.0.0.1 download.fuzezip.com # hosts anti-adware / pups127.0.0.1 download.ilivid.com # hosts anti-adware / pups127.0.0.1 download.imesh.com # hosts anti-adware / pups127.0.0.1 download.instabrain.com # hosts anti-adware / pups127.0.0.1 download.ircfast.com # hosts anti-adware / pups127.0.0.1 download.jzip.com # hosts anti-adware / pups127.0.0.1 download.loipop-network.com # hosts anti-adware / pups127.0.0.1 download.lollipop-network.com # hosts anti-adware / pups127.0.0.1 downloadsecurise.com # hosts anti-adware / pups127.0.0.1 download.shoptowin.net # hosts anti-adware / pups127.0.0.1 downloads.malavida.net # hosts anti-adware / pups127.0.0.1 downloadsoftfr.com # hosts anti-adware / pups127.0.0.1 download.softiglu.com # hosts anti-adware / pups127.0.0.1 download.telechargers.net # hosts anti-adware / pups127.0.0.1 download.televisionfanatic.com # hosts anti-adware / pups127.0.0.1 download.toggle.com # hosts anti-adware / pups127.0.0.1 download.wajam.com # hosts anti-adware / pups127.0.0.1 download.winds10.com # hosts anti-adware / pups127.0.0.1 driverutilities.com # hosts anti-adware / pups127.0.0.1 dt3j8jg8ei6zr.oudfront.net # hosts anti-adware / pups127.0.0.1 durable.com # hosts anti-adware / pups127.0.0.1 e446c146c2.artrardf.su # hosts anti-adware / pups127.0.0.1 easyformulaforsuccess.org # hosts anti-adware / pups127.0.0.1 easyfoulaforsuccess.org # hosts anti-adware / pups127.0.0.1 ebook-generation.com # hosts anti-adware / pups127.0.0.1 ebooks-reussite.com # hosts anti-adware / pups127.0.0.1 eee791ae0f.iffica.waw.pl # hosts anti-adware / pups127.0.0.1 egirlsex.com # hosts anti-adware / pups127.0.0.1 egisex.com # hosts anti-adware / pups127.0.0.1 elecharger.superfiles.com # hosts anti-adware / pups127.0.0.1 enigmasoftware.com # hosts anti-adware / pups127.0.0.1 eorezo.com # hosts anti-adware / pups127.0.0.1 ero-odnoklassniki.info # hosts anti-adware / pups127.0.0.1 eu.paydaycashloanadvancea2478.com # hosts anti-adware / pups127.0.0.1 explorer-2010.com # hosts anti-adware / pups127.0.0.1 facebookmotdepasse.blogspot.fr # hosts anti-adware / pups127.0.0.1 facebook-piraters.blogspot.fr # hosts anti-adware / pups127.0.0.1 facenouf.com # hosts anti-adware / pups127.0.0.1 fafrenzyforwindows.com # hosts anti-adware / pups127.0.0.1 farmfrenzyforwindows.com # hosts anti-adware / pups127.0.0.1 fatihkocyigit.com.tr # hosts anti-adware / pups127.0.0.1 fedrekpolik.org # hosts anti-adware / pups127.0.0.1 feed.extremelyorange.com # hosts anti-adware / pups127.0.0.1 feed.gadarnews.com # hosts anti-adware / pups127.0.0.1 fetolbus.ru # hosts anti-adware / pups127.0.0.1 ff.conduit-download.com # hosts anti-adware / pups127.0.0.1 fichier1.easycommander.com # hosts anti-adware / pups127.0.0.1 file-exactor.com # hosts anti-adware / pups127.0.0.1 files123321.uk.to # hosts anti-adware / pups127.0.0.1 files.download1ick.ws # hosts anti-adware / pups127.0.0.1 files.iranapps.com # hosts anti-adware / pups127.0.0.1 files.vaultnoir.com # hosts anti-adware / pups127.0.0.1 find2download.fr # hosts anti-adware / pups127.0.0.1 flexweb.getyoursoft.com # hosts anti-adware / pups127.0.0.1 flintporn.com # hosts anti-adware / pups127.0.0.1 flirtube.com # hosts anti-adware / pups127.0.0.1 flvmplayer.com # hosts anti-adware / pups127.0.0.1 flvmplayer.s3-website-us-east-1.amazonaws.com # hosts anti-adware / pups127.0.0.1 fmccijsu.changeip.org # hosts anti-adware / pups127.0.0.1 founeacademie.com # hosts anti-adware / pups127.0.0.1 francais.babylon.com # hosts anti-adware / pups127.0.0.1 fr.ask.com # hosts anti-adware / pups127.0.0.1 freeaddons.free.fr # hosts anti-adware / pups127.0.0.1 freecompressor.com # hosts anti-adware / pups127.0.0.1 freecensoredvidz.org # hosts anti-adware / pups127.0.0.1 freemomsexxx7.com # hosts anti-adware / pups127.0.0.1 french.ircfast.com # hosts anti-adware / pups127.0.0.1 fr.excite.eu # hosts anti-adware / pups127.0.0.1 fr.iminent.com # hosts anti-adware / pups127.0.0.1 fr.malavida.com # hosts anti-adware / pups127.0.0.1 fr.phreat.com # hosts anti-adware / pups127.0.0.1 fr.smeet.com # hosts anti-adware / pups127.0.0.1 fr.winds10.com # hosts anti-adware / pups127.0.0.1 ftp2solls.org # hosts anti-adware / pups127.0.0.1 functionjs.com # hosts anti-adware / pups127.0.0.1 functionjs.com # hosts anti-adware / pups127.0.0.1 fupackcodecs.com # hosts anti-adware / pups127.0.0.1 fupackvista.com # hosts anti-adware / pups127.0.0.1 gagner-argent.blog4ever.com # hosts anti-adware / pups127.0.0.1 gagnerargent.blog4ever.com # hosts anti-adware / pups127.0.0.1 gagner-argent-domicile.be # hosts anti-adware / pups127.0.0.1 gagnerargentnet.canalblog.com # hosts anti-adware / pups127.0.0.1 gagner-de-l-argent-facile.net # hosts anti-adware / pups127.0.0.1 gagner-de-l-argent.org # hosts anti-adware / pups127.0.0.1 gagner-du-temps.eu # hosts anti-adware / pups127.0.0.1 gagner-facile.net # hosts anti-adware / pups127.0.0.1 gagner-rapidemen.ifrance.com # hosts anti-adware / pups127.0.0.1 gagner-rapidement.ifrance.com # hosts anti-adware / pups127.0.0.1 gains-complementaires.com # hosts anti-adware / pups127.0.0.1 gamedue.fr # hosts anti-adware / pups127.0.0.1 gamepoluss.eu # hosts anti-adware / pups127.0.0.1 gamesxite.com # hosts anti-adware / pups127.0.0.1 ganerecker.com # hosts anti-adware / pups127.0.0.1 gapokga.com # hosts anti-adware / pups127.0.0.1 gask.samo-project.com # hosts anti-adware / pups127.0.0.1 gefendok.org # hosts anti-adware / pups127.0.0.1 getfreemediaonline.com # hosts anti-adware / pups127.0.0.1 gilikesex.com # hosts anti-adware / pups127.0.0.1 gimp.soft32.fr # hosts anti-adware / pups127.0.0.1 ging8.com # hosts anti-adware / pups127.0.0.1 ginyas.com # hosts anti-adware / pups127.0.0.1 girllikesex.com # hosts anti-adware / pups127.0.0.1 giuna.info # hosts anti-adware / pups127.0.0.1 glamorousgirl.net # hosts anti-adware / pups127.0.0.1 glamorous-girls-models.net # hosts anti-adware / pups127.0.0.1 glamorous-girls.net # hosts anti-adware / pups127.0.0.1 glamorous-model.com # hosts anti-adware / pups127.0.0.1 glamorousmodelsgirl.net # hosts anti-adware / pups127.0.0.1 glamorous-models-girls.com # hosts anti-adware / pups127.0.0.1 gogo20.cusi.fr # hosts anti-adware / pups127.0.0.1 go.goforfiles.com # hosts anti-adware / pups127.0.0.1 goldaa.com # hosts anti-adware / pups127.0.0.1 gooofu.com # hosts anti-adware / pups127.0.0.1 go.tvnoop.com # hosts anti-adware / pups127.0.0.1 gratisporno69.info # hosts anti-adware / pups127.0.0.1 greattubeporn.com # hosts anti-adware / pups127.0.0.1 gudfaj.info # hosts anti-adware / pups127.0.0.1 h4r3.hopto.org # hosts anti-adware / pups127.0.0.1 hit.afficholder.com # hosts anti-adware / pups127.0.0.1 hit-sex.com # hosts anti-adware / pups127.0.0.1 hit-sex.com # hosts anti-adware / pups127.0.0.1 homemadempegs.com # hosts anti-adware / pups127.0.0.1 homevideonews.biz # hosts anti-adware / pups127.0.0.1 hotandfreeporno.net # hosts anti-adware / pups127.0.0.1 hotporngirls.com # hosts anti-adware / pups127.0.0.1 hotporngis.com # hosts anti-adware / pups127.0.0.1 hotxxx-gi.com # hosts anti-adware / pups127.0.0.1 hotxxx-girl.com # hosts anti-adware / pups127.0.0.1 hpm.tbm-ntwk.com # hosts anti-adware / pups127.0.0.1 http://www.telecharger.org # hosts anti-adware / pups127.0.0.1 icargent.com # hosts anti-adware / pups127.0.0.1 ic.illyx.com # hosts anti-adware / pups127.0.0.1 ie.conduit-download.com # hosts anti-adware / pups127.0.0.1 ie.dealply.com # hosts anti-adware / pups127.0.0.1 igvau.fr # hosts anti-adware / pups127.0.0.1 imesh.com # hosts anti-adware / pups127.0.0.1 img.planetsappho.net # hosts anti-adware / pups127.0.0.1 imvux.com # hosts anti-adware / pups127.0.0.1 index.myftp.org # hosts anti-adware / pups127.0.0.1 insta2.optimum-installer.com # hosts anti-adware / pups127.0.0.1 insta.blamcity.com # hosts anti-adware / pups127.0.0.1 instaer.betterinstaller.com # hosts anti-adware / pups127.0.0.1 instaer.filebulldog.com # hosts anti-adware / pups127.0.0.1 insta.iminent.com # hosts anti-adware / pups127.0.0.1 installer.betterinstaller.com # hosts anti-adware / pups127.0.0.1 installer.filebulldog.com # hosts anti-adware / pups127.0.0.1 installertechcontent.com # hosts anti-adware / pups127.0.0.1 install.outbrowse.com # hosts anti-adware / pups127.0.0.1 insta.optimum-installer.com # hosts anti-adware / pups127.0.0.1 insta.optimuminstaller.com # hosts anti-adware / pups127.0.0.1 institut-dulac.com # hosts anti-adware / pups127.0.0.1 interdescargas.com # hosts anti-adware / pups127.0.0.1 iogiciel.com # hosts anti-adware / pups127.0.0.1 ip.freepiv.net # hosts anti-adware / pups127.0.0.1 iyx.co # hosts anti-adware / pups127.0.0.1 jdownloader.org # hosts anti-adware / pups127.0.0.1 jeboost.com # hosts anti-adware / pups127.0.0.1 je-mange-et-je-maigris.com # hosts anti-adware / pups127.0.0.1 jlyxe.changeip.name # hosts anti-adware / pups127.0.0.1 jscontent.com # hosts anti-adware / pups127.0.0.1 jshref.com # hosts anti-adware / pups127.0.0.1 jsmeta.com # hosts anti-adware / pups127.0.0.1 kiyure.com # hosts anti-adware / pups127.0.0.1 koyotstar.free.fr # hosts anti-adware / pups127.0.0.1 krupse.info # hosts anti-adware / pups127.0.0.1 kuyqen.info # hosts anti-adware / pups127.0.0.1 landing.etype.com # hosts anti-adware / pups127.0.0.1 lcstatx.dallasdroidapps.com # hosts anti-adware / pups127.0.0.1 lecoindesinsiders.com # hosts anti-adware / pups127.0.0.1 le-dire.tv # hosts anti-adware / pups127.0.0.1 lerwik.info # hosts anti-adware / pups127.0.0.1 lesexgir.com # hosts anti-adware / pups127.0.0.1 lestutoriels-enarchives.com # hosts anti-adware / pups127.0.0.1 lesvirus.fr # hosts anti-adware / pups127.0.0.1 linkfixerplus.com # hosts anti-adware / pups127.0.0.1 linkmeee.com # hosts anti-adware / pups127.0.0.1 lishros.info # hosts anti-adware / pups127.0.0.1 live-casino-online.org # hosts anti-adware / pups127.0.0.1 live-sex-x.com # hosts anti-adware / pups127.0.0.1 load.keygendb.net # hosts anti-adware / pups127.0.0.1 load.scanscout.com # hosts anti-adware / pups127.0.0.1 logi-secure.eu # hosts anti-adware / pups127.0.0.1 lollipoporno.org # hosts anti-adware / pups127.0.0.1 lp.ick2saveapp.com # hosts anti-adware / pups127.0.0.1 lp.ilivid.com # hosts anti-adware / pups127.0.0.1 lp.imesh.com # hosts anti-adware / pups127.0.0.1 lp.sweetim.com # hosts anti-adware / pups127.0.0.1 lp.torchbrowser.com # hosts anti-adware / pups127.0.0.1 lsdgroupg.com # hosts anti-adware / pups127.0.0.1 luda9wmsiteza.eu # hosts anti-adware / pups127.0.0.1 lunarnewyearhouston.com # hosts anti-adware / pups127.0.0.1 lyotir.info # hosts anti-adware / pups127.0.0.1 maosvonring.net # hosts anti-adware / pups127.0.0.1 maprado.com # hosts anti-adware / pups127.0.0.1 mariavoyance.com # hosts anti-adware / pups127.0.0.1 mariins.com # hosts anti-adware / pups127.0.0.1 matureagent.com # hosts anti-adware / pups127.0.0.1 matureboytubes.com # hosts anti-adware / pups127.0.0.1 maturepornxtube.com # hosts anti-adware / pups127.0.0.1 max-adult-tube.com # hosts anti-adware / pups127.0.0.1 max-adu-tube.com # hosts anti-adware / pups127.0.0.1 media-app.com # hosts anti-adware / pups127.0.0.1 media.comesvita.com.es # hosts anti-adware / pups127.0.0.1 mediaplayer-codecpack.com # hosts anti-adware / pups127.0.0.1 media-player-helper.com # hosts anti-adware / pups127.0.0.1 media.pussycash.com # hosts anti-adware / pups127.0.0.1 medicumnnova.eu # hosts anti-adware / pups127.0.0.1 medvenerologsz.eu # hosts anti-adware / pups127.0.0.1 meetandlovesz.eu # hosts anti-adware / pups127.0.0.1 mega-cool-bonus.org # hosts anti-adware / pups127.0.0.1 megoads.eu # hosts anti-adware / pups127.0.0.1 messenger.descargar.es # hosts anti-adware / pups127.0.0.1 methode-cash.com # hosts anti-adware / pups127.0.0.1 methodegagnante.com # hosts anti-adware / pups127.0.0.1 mfd.malavida.com # hosts anti-adware / pups127.0.0.1 mflashplayer.com # hosts anti-adware / pups127.0.0.1 mfzplecp.changeip.name # hosts anti-adware / pups127.0.0.1 milfscunt.com # hosts anti-adware / pups127.0.0.1 mires.eorezo.com # hosts anti-adware / pups127.0.0.1 mirfr.eorezo.com # hosts anti-adware / pups127.0.0.1 mn.babcdn.com # hosts anti-adware / pups127.0.0.1 moneywin24.biz # hosts anti-adware / pups127.0.0.1 monij.info # hosts anti-adware / pups127.0.0.1 muibar.me # hosts anti-adware / pups127.0.0.1 mysexpalace.com # hosts anti-adware / pups127.0.0.1 need4video.com # hosts anti-adware / pups127.0.0.1 neo-bux.fr # hosts anti-adware / pups127.0.0.1 new-2011.net # hosts anti-adware / pups127.0.0.1 new-2012.net # hosts anti-adware / pups127.0.0.1 new-club-casino.org # hosts anti-adware / pups127.0.0.1 newt7.aduadworld.com # hosts anti-adware / pups127.0.0.1 new-windows7.com # hosts anti-adware / pups127.0.0.1 nocghnr.changeip.org # hosts anti-adware / pups127.0.0.1 nomeraodessas.eu # hosts anti-adware / pups127.0.0.1 nopebivernmss.eu # hosts anti-adware / pups127.0.0.1 noproblemss.eu # hosts anti-adware / pups127.0.0.1 nude-passion.com # hosts anti-adware / pups127.0.0.1 obdurp.info # hosts anti-adware / pups127.0.0.1 offagnopz.changeip.name # hosts anti-adware / pups127.0.0.1 offers.avazuscd.net # hosts anti-adware / pups127.0.0.1 offre-surprise.com # hosts anti-adware / pups127.0.0.1 ogpal.com # hosts anti-adware / pups127.0.0.1 ojan-killer.net # hosts anti-adware / pups127.0.0.1 onedownloadspot.com # hosts anti-adware / pups127.0.0.1 opalki.info # hosts anti-adware / pups127.0.0.1 opasi.com # hosts anti-adware / pups127.0.0.1 osbasedreceiva.pl # hosts anti-adware / pups127.0.0.1 os.coolvideoconverter.com # hosts anti-adware / pups127.0.0.1 oud4pc.com # hosts anti-adware / pups127.0.0.1 out.popads.net # hosts anti-adware / pups127.0.0.1 pageerror-download.com # hosts anti-adware / pups127.0.0.1 pair.homecomputerrepair.ca # hosts anti-adware / pups127.0.0.1 pcpitstop.com # hosts anti-adware / pups127.0.0.1 pctuto.com # hosts anti-adware / pups127.0.0.1 pdf-reader-eator.com # hosts anti-adware / pups127.0.0.1 phprocket.net # hosts anti-adware / pups127.0.0.1 phytolabel.com # hosts anti-adware / pups127.0.0.1 phytolabel.fr # hosts anti-adware / pups127.0.0.1 pikkolorgy.org # hosts anti-adware / pups127.0.0.1 pio-data2.info # hosts anti-adware / pups127.0.0.1 planscools.fr # hosts anti-adware / pups127.0.0.1 playgil.org # hosts anti-adware / pups127.0.0.1 plugnrex.info # hosts anti-adware / pups127.0.0.1 plusrichedemain.fr # hosts anti-adware / pups127.0.0.1 pnads.com # hosts anti-adware / pups127.0.0.1 pognonfacile.com # hosts anti-adware / pups127.0.0.1 p.online-hd.tv # hosts anti-adware / pups127.0.0.1 popander.mobi # hosts anti-adware / pups127.0.0.1 pornoinpark.net # hosts anti-adware / pups127.0.0.1 pornoow.com # hosts anti-adware / pups127.0.0.1 pornotube.grangnp.com # hosts anti-adware / pups127.0.0.1 promoution231.ru # hosts anti-adware / pups127.0.0.1 promo.vador.com # hosts anti-adware / pups127.0.0.1 proteorlb-1556088852.us-east-1.elb.amazonaws.com # hosts anti-adware / pups127.0.0.1 pu.plugrush.com # hosts anti-adware / pups127.0.0.1 purebot2.sytes.net # hosts anti-adware / pups127.0.0.1 push.ping.com # hosts anti-adware / pups127.0.0.1 puto.com # hosts anti-adware / pups127.0.0.1 qiweol.info # hosts anti-adware / pups127.0.0.1 quad-anti-spyware.com # hosts anti-adware / pups127.0.0.1 quad-eaner.com # hosts anti-adware / pups127.0.0.1 quadriviuma.eu # hosts anti-adware / pups127.0.0.1 qualityhqporn.com # hosts anti-adware / pups127.0.0.1 quegeek.com # hosts anti-adware / pups127.0.0.1 qumxav.changeip.name # hosts anti-adware / pups127.0.0.1 qwe.goforfiles.com # hosts anti-adware / pups127.0.0.1 real-boardsz.eu # hosts anti-adware / pups127.0.0.1 real-cenesz.eu # hosts anti-adware / pups127.0.0.1 real-centresz.eu # hosts anti-adware / pups127.0.0.1 redir.ballysbs.com # hosts anti-adware / pups127.0.0.1 redirect.ad-feeds.net # hosts anti-adware / pups127.0.0.1 reedomparty.com # hosts anti-adware / pups127.0.0.1 reedompay.com # hosts anti-adware / pups127.0.0.1 regarder-tv.com # hosts anti-adware / pups127.0.0.1 regisybooster2010.fr # hosts anti-adware / pups127.0.0.1 regisyonwindows.com # hosts anti-adware / pups127.0.0.1 regisywinner.com # hosts anti-adware / pups127.0.0.1 reimage.com # hosts anti-adware / pups127.0.0.1 repair-my-pc.info # hosts anti-adware / pups127.0.0.1 repair-pc-eors.info # hosts anti-adware / pups127.0.0.1 repare-internet-explorer.com # hosts anti-adware / pups127.0.0.1 reparer-windowsvista.com # hosts anti-adware / pups127.0.0.1 reparer-windowsxp.com # hosts anti-adware / pups127.0.0.1 reparez-internet-explorer.com # hosts anti-adware / pups127.0.0.1 reparez-windows.com # hosts anti-adware / pups127.0.0.1 reparez-windows.info # hosts anti-adware / pups127.0.0.1 reparez-windows-vista.com # hosts anti-adware / pups127.0.0.1 reparez-windows-xp.com # hosts anti-adware / pups127.0.0.1 rester-anquile.com # hosts anti-adware / pups127.0.0.1 reussiteaffiliation.com # hosts anti-adware / pups127.0.0.1 rezinovsap.co.cc # hosts anti-adware / pups127.0.0.1 rezinovsap.co. # hosts anti-adware / pups127.0.0.1 ron.protectorwide.asia # hosts anti-adware / pups127.0.0.1 rpc.hitexchangeserver.com # hosts anti-adware / pups127.0.0.1 rp.funmoodscdn.com # hosts anti-adware / pups127.0.0.1 rp.telechargercdn.com # hosts anti-adware / pups127.0.0.1 rztube.com # hosts anti-adware / pups127.0.0.1 s58036.gridserver.com # hosts anti-adware / pups127.0.0.1 samcro.fr # hosts anti-adware / pups127.0.0.1 satch2cash.com # hosts anti-adware / pups127.0.0.1 scache.regiedepub.com # hosts anti-adware / pups127.0.0.1 scriptsname.com # hosts anti-adware / pups127.0.0.1 sdgsdgsdg.at.tf # hosts anti-adware / pups127.0.0.1 search.babylon.com # hosts anti-adware / pups127.0.0.1 searchqu.com # hosts anti-adware / pups127.0.0.1 sec-france.info # hosts anti-adware / pups127.0.0.1 securelinkdownload.com # hosts anti-adware / pups127.0.0.1 securisedownload.com # hosts anti-adware / pups127.0.0.1 seet-internet.com # hosts anti-adware / pups127.0.0.1 semsols123.comodo.revenuewire.net # hosts anti-adware / pups127.0.0.1 semsols123.comodo.safeca.com # hosts anti-adware / pups127.0.0.1 servicemap.conduit-services.com # hosts anti-adware / pups127.0.0.1 service.yontoo.com # hosts anti-adware / pups127.0.0.1 serw2.chujon.info # hosts anti-adware / pups127.0.0.1 serw.icksor.com # hosts anti-adware / pups127.0.0.1 serw.lunjli.info # hosts anti-adware / pups127.0.0.1 serw.schworis.com # hosts anti-adware / pups127.0.0.1 setup2.iminent.com # hosts anti-adware / pups127.0.0.1 sexanaltube.com # hosts anti-adware / pups127.0.0.1 sex-here.com # hosts anti-adware / pups127.0.0.1 sex-lites.com # hosts anti-adware / pups127.0.0.1 sexopartynow.biz # hosts anti-adware / pups127.0.0.1 sexsweetie.com # hosts anti-adware / pups127.0.0.1 sexvamnet.com # hosts anti-adware / pups127.0.0.1 sexvideofile.com # hosts anti-adware / pups127.0.0.1 sexvideomix.biz # hosts anti-adware / pups127.0.0.1 sexwetgirls.com # hosts anti-adware / pups127.0.0.1 sexwetgis.com # hosts anti-adware / pups127.0.0.1 sexwu.com # hosts anti-adware / pups127.0.0.1 sexycats18yearme.com # hosts anti-adware / pups127.0.0.1 sexysatan.com # hosts anti-adware / pups127.0.0.1 sexywally.com # hosts anti-adware / pups127.0.0.1 sexyway.com # hosts anti-adware / pups127.0.0.1 siterusza.eu # hosts anti-adware / pups127.0.0.1 skype.telecharger-france.com # hosts anti-adware / pups127.0.0.1 slotonlinecasino.org # hosts anti-adware / pups127.0.0.1 sms-rostovs.eu # hosts anti-adware / pups127.0.0.1 socialmediahelpme.info # hosts anti-adware / pups127.0.0.1 soft-2011.com # hosts anti-adware / pups127.0.0.1 soft2pcfr.com # hosts anti-adware / pups127.0.0.1 soft4click.com # hosts anti-adware / pups127.0.0.1 soft.foxtab.com # hosts anti-adware / pups127.0.0.1 softgratuit.com # hosts anti-adware / pups127.0.0.1 softigloo.com # hosts anti-adware / pups127.0.0.1 softingo.com # hosts anti-adware / pups127.0.0.1 softmor.org # hosts anti-adware / pups127.0.0.1 soft.tc # hosts anti-adware / pups127.0.0.1 soft.telecharger.com # hosts anti-adware / pups127.0.0.1 software.cdnredire01.info # hosts anti-adware / pups127.0.0.1 softwareprovisioning.com # hosts anti-adware / pups127.0.0.1 softwares.the-ad.net # hosts anti-adware / pups127.0.0.1 software.the-ad.net # hosts anti-adware / pups127.0.0.1 solutionsmiions.com # hosts anti-adware / pups127.0.0.1 sondages-remuneres.net # hosts anti-adware / pups127.0.0.1 spamfighter.com # hosts anti-adware / pups127.0.0.1 speedmaxpc.com # hosts anti-adware / pups127.0.0.1 spoau.com # hosts anti-adware / pups127.0.0.1 spybotseah-full.info # hosts anti-adware / pups127.0.0.1 spynomore.com # hosts anti-adware / pups127.0.0.1 spywareremove.com # hosts anti-adware / pups127.0.0.1 static.bicdn.com # hosts anti-adware / pups127.0.0.1 static.v2.madodls.com # hosts anti-adware / pups127.0.0.1 step.yourfiledownloader.com # hosts anti-adware / pups127.0.0.1 storage.conduit.com # hosts anti-adware / pups127.0.0.1 storagenl.info # hosts anti-adware / pups127.0.0.1 stp.babylon.com # hosts anti-adware / pups127.0.0.1 stream-actu.com # hosts anti-adware / pups127.0.0.1 streaming-direct.tv # hosts anti-adware / pups127.0.0.1 streaming-vlc.com # hosts anti-adware / pups127.0.0.1 suesliberte.net # hosts anti-adware / pups127.0.0.1 suppo0070.homelinux.com # hosts anti-adware / pups127.0.0.1 suppo211.dnsalias.com # hosts anti-adware / pups127.0.0.1 suppo533333.homelinux.net # hosts anti-adware / pups127.0.0.1 suppo8881.homelinux.com # hosts anti-adware / pups127.0.0.1 support0070.homelinux.com # hosts anti-adware / pups127.0.0.1 support211.dnsalias.com # hosts anti-adware / pups127.0.0.1 support533333.homelinux.net # hosts anti-adware / pups127.0.0.1 support8881.homelinux.com # hosts anti-adware / pups127.0.0.1 supprimeevirus.blogspot.com # hosts anti-adware / pups127.0.0.1 supprimeevirus.blogspot.fr # hosts anti-adware / pups127.0.0.1 supprimer-spyware.com # hosts anti-adware / pups127.0.0.1 sweethoneysexbaby.com # hosts anti-adware / pups127.0.0.1 swetkittyxxx.biz # hosts anti-adware / pups127.0.0.1 sybiedejanville.com # hosts anti-adware / pups127.0.0.1 tarhankyte.info # hosts anti-adware / pups127.0.0.1 telecharger-0.driverutilities.com # hosts anti-adware / pups127.0.0.1 telecharger-2012.com # hosts anti-adware / pups127.0.0.1 telecharger-gratuit.com # hosts anti-adware / pups127.0.0.1 telecharger.logiciel.net # hosts anti-adware / pups127.0.0.1 tele-charger.org # hosts anti-adware / pups127.0.0.1 telecharger.toggle.com # hosts anti-adware / pups127.0.0.1 test.auvixa.com # hosts anti-adware / pups127.0.0.1 test.rooferslongislandroofing.com # hosts anti-adware / pups127.0.0.1 the0606.com # hosts anti-adware / pups127.0.0.1 thebestonlinecasino.org # hosts anti-adware / pups127.0.0.1 theparadiseisland.net # hosts anti-adware / pups127.0.0.1 tioblipla.com # hosts anti-adware / pups127.0.0.1 todownloadcdn.com # hosts anti-adware / pups127.0.0.1 top-2011.com # hosts anti-adware / pups127.0.0.1 top-2012.com # hosts anti-adware / pups127.0.0.1 top-regisy-cleaner.net # hosts anti-adware / pups127.0.0.1 totaediaconverter-u.com # hosts anti-adware / pups127.0.0.1 totalmediaconverter-u.com # hosts anti-adware / pups127.0.0.1 totalmediaconverter-u.com # hosts anti-adware / pups127.0.0.1 trackstatsnow.com # hosts anti-adware / pups127.0.0.1 tradeartss.eu # hosts anti-adware / pups127.0.0.1 trafficadward.homelinux.com # hosts anti-adware / pups127.0.0.1 truitow.info # hosts anti-adware / pups127.0.0.1 tube4free.zorfu.com # hosts anti-adware / pups127.0.0.1 tuheyds.changeip.name # hosts anti-adware / pups127.0.0.1 tuto4pc.com # hosts anti-adware / pups127.0.0.1 tutoriales100.com # hosts anti-adware / pups127.0.0.1 tv-dire.fr # hosts anti-adware / pups127.0.0.1 tviexpress-france.com # hosts anti-adware / pups127.0.0.1 tvuzz.com # hosts anti-adware / pups127.0.0.1 tweaks-soft.com # hosts anti-adware / pups127.0.0.1 ub-positif.com # hosts anti-adware / pups127.0.0.1 ude.conduit-data.com # hosts anti-adware / pups127.0.0.1 uitow.info # hosts anti-adware / pups127.0.0.1 uniblue.com # hosts anti-adware / pups127.0.0.1 universal-downloader.en.softonic.com # hosts anti-adware / pups127.0.0.1 universal-downloader.softonic.fr # hosts anti-adware / pups127.0.0.1 up.lollipop-network.com # hosts anti-adware / pups127.0.0.1 uprsimy.changeip.org # hosts anti-adware / pups127.0.0.1 usage.toolbar.conduit-services.com # hosts anti-adware / pups127.0.0.1 us.mambasextube.com # hosts anti-adware / pups127.0.0.1 us-vegascasino.org # hosts anti-adware / pups127.0.0.1 utoent-net.info # hosts anti-adware / pups127.0.0.1 utorrent.portalux.com # hosts anti-adware / pups127.0.0.1 uwjem.info # hosts anti-adware / pups127.0.0.1 vatsonandson.uk.to # hosts anti-adware / pups127.0.0.1 vechernieb.co.cc # hosts anti-adware / pups127.0.0.1 vechernieb.co. # hosts anti-adware / pups127.0.0.1 version.etype.com # hosts anti-adware / pups127.0.0.1 viccpm03.victoryproads.com # hosts anti-adware / pups127.0.0.1 viccpm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 viccpm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 videodirectory9.info # hosts anti-adware / pups127.0.0.1 videodownloadconveer.com # hosts anti-adware / pups127.0.0.1 videofer.us # hosts anti-adware / pups127.0.0.1 vipm03.victoryproads.com # hosts anti-adware / pups127.0.0.1 vipm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 virbanks.com # hosts anti-adware / pups127.0.0.1 visicommedia.com # hosts anti-adware / pups127.0.0.1 vistacodec-2010.com # hosts anti-adware / pups127.0.0.1 vizihq.info # hosts anti-adware / pups127.0.0.1 vlc.load4free.net # hosts anti-adware / pups127.0.0.1 voe-travail-a-domicile.com # hosts anti-adware / pups127.0.0.1 vos-revenus-sur-internet.com # hosts anti-adware / pups127.0.0.1 vsharetv.ouoolbar.com # hosts anti-adware / pups127.0.0.1 wa2go.com # hosts anti-adware / pups127.0.0.1 want.suck-my-candy.com # hosts anti-adware / pups127.0.0.1 webplayerddl.com # hosts anti-adware / pups127.0.0.1 webplayer.tv # hosts anti-adware / pups127.0.0.1 wefightbadware.org # hosts anti-adware / pups127.0.0.1 westopmalware.org # hosts anti-adware / pups127.0.0.1 widgets.wizebar.com # hosts anti-adware / pups127.0.0.1 wildmedianetwork.com # hosts anti-adware / pups127.0.0.1 win1.winsprodco.info # hosts anti-adware / pups127.0.0.1 wincr1.winsprodco.info # hosts anti-adware / pups127.0.0.1 winpoal.fr # hosts anti-adware / pups127.0.0.1 winskeat.fr # hosts anti-adware / pups127.0.0.1 winzip-fu.net # hosts anti-adware / pups127.0.0.1 wiseconve.com # hosts anti-adware / pups127.0.0.1 wiseconvert15.greattoolbars.com # hosts anti-adware / pups127.0.0.1 wiseconvert.com # hosts anti-adware / pups127.0.0.1 wlroxe.changeip.name # hosts anti-adware / pups127.0.0.1 wtseleions.com # hosts anti-adware / pups127.0.0.1 www.01-telecharger.com # hosts anti-adware / pups127.0.0.1 www.123mplayer.com # hosts anti-adware / pups127.0.0.1 www.2012-plus.org # hosts anti-adware / pups127.0.0.1 www.2607.cn # hosts anti-adware / pups127.0.0.1 www2l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.2-spyware.com # hosts anti-adware / pups127.0.0.1 www3l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.411-spyware.com # hosts anti-adware / pups127.0.0.1 www4l.incredimail.com # hosts anti-adware / pups127.0.0.1 www5l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.80worldnewstoday.info # hosts anti-adware / pups127.0.0.1 www.ackdlstat.com # hosts anti-adware / pups127.0.0.1 www.ackinn.com # hosts anti-adware / pups127.0.0.1 www.acksguru.com # hosts anti-adware / pups127.0.0.1 www.affiliation-france.com # hosts anti-adware / pups127.0.0.1 www.affpx.com # hosts anti-adware / pups127.0.0.1 www.agence-exusive.com # hosts anti-adware / pups127.0.0.1 www.alcoporn.com # hosts anti-adware / pups127.0.0.1 www.alterporn.com # hosts anti-adware / pups127.0.0.1 www.americanpendulum.com # hosts anti-adware / pups127.0.0.1 www.amonetizeinstaller.com # hosts anti-adware / pups127.0.0.1 www.anti-spyware-101.com # hosts anti-adware / pups127.0.0.1 www.anvisoft.com # hosts anti-adware / pups127.0.0.1 www.aoporn.com # hosts anti-adware / pups127.0.0.1 www.appround.biz # hosts anti-adware / pups127.0.0.1 www.appround.net # hosts anti-adware / pups127.0.0.1 www.asoftwareplus.com # hosts anti-adware / pups127.0.0.1 www.assure-le.com # hosts anti-adware / pups127.0.0.1 www.babesandgirls.com # hosts anti-adware / pups127.0.0.1 www.babylon.com # hosts anti-adware / pups127.0.0.1 www.bigspeedpro.com # hosts anti-adware / pups127.0.0.1 www.bioartmed.com # hosts anti-adware / pups127.0.0.1 www.bit89.com # hosts anti-adware / pups127.0.0.1 www.bit-mania.com # hosts anti-adware / pups127.0.0.1 www.boxore.com # hosts anti-adware / pups127.0.0.1 www.byteseeder.com # hosts anti-adware / pups127.0.0.1 www.chehe.us # hosts anti-adware / pups127.0.0.1 www.cloud4widget.com # hosts anti-adware / pups127.0.0.1 www.cojan13fast.com # hosts anti-adware / pups127.0.0.1 www.cool-applications.com # hosts anti-adware / pups127.0.0.1 www.coupon-miner.com # hosts anti-adware / pups127.0.0.1 www.createstockdoingzero.biz # hosts anti-adware / pups127.0.0.1 www.cyberfitex.com # hosts anti-adware / pups127.0.0.1 www.danager.net # hosts anti-adware / pups127.0.0.1 www.dataatimeast.com # hosts anti-adware / pups127.0.0.1 www.deletevirus.net # hosts anti-adware / pups127.0.0.1 www.dlsafebrowse.com # hosts anti-adware / pups127.0.0.1 www.dmralumni.com # hosts anti-adware / pups127.0.0.1 www.downlesoft.com # hosts anti-adware / pups127.0.0.1 www.download-best-softwares.com # hosts anti-adware / pups127.0.0.1 www.download-free.com # hosts anti-adware / pups127.0.0.1 www.downloadsoftfr.com # hosts anti-adware / pups127.0.0.1 www.downxsoft.com # hosts anti-adware / pups127.0.0.1 www.downxsoft.com # hosts anti-adware / pups127.0.0.1 www.drawingincests.com # hosts anti-adware / pups127.0.0.1 www.eanallvirus.com # hosts anti-adware / pups127.0.0.1 www.easycuisinevideo.com # hosts anti-adware / pups127.0.0.1 www.easy-money-making-idea.info # hosts anti-adware / pups127.0.0.1 www.e-downloader.net # hosts anti-adware / pups127.0.0.1 www.enigmasoftware.com # hosts anti-adware / pups127.0.0.1 www.eorezo.com # hosts anti-adware / pups127.0.0.1 www.ericmok.ca # hosts anti-adware / pups127.0.0.1 www.eximdownloadmanager.com # hosts anti-adware / pups127.0.0.1 www.extreme-down.com # hosts anti-adware / pups127.0.0.1 www.extrimdownloadmanager.com # hosts anti-adware / pups127.0.0.1 www.fasterpleanclean.com # hosts anti-adware / pups127.0.0.1 www.fcgoatcalear.us # hosts anti-adware / pups127.0.0.1 www.fixie.com # hosts anti-adware / pups127.0.0.1 www.flash-player-france.com # hosts anti-adware / pups127.0.0.1 www.freeamateulub.org # hosts anti-adware / pups127.0.0.1 www.freeamateurclub.org # hosts anti-adware / pups127.0.0.1 www.freetadio.com # hosts anti-adware / pups127.0.0.1 www.frflashplayer.com # hosts anti-adware / pups127.0.0.1 www.getdatafromeast.com # hosts anti-adware / pups127.0.0.1 www.getyoursoft.com # hosts anti-adware / pups127.0.0.1 www.girlsfriendxxx.net # hosts anti-adware / pups127.0.0.1 www.gisfriendxxx.net # hosts anti-adware / pups127.0.0.1 www.globe7.com # hosts anti-adware / pups127.0.0.1 www.gogetmoneynow.com # hosts anti-adware / pups127.0.0.1 www.gpil.org # hosts anti-adware / pups127.0.0.1 www.grabatimstat.us # hosts anti-adware / pups127.0.0.1 www.grandwesternliquors.com # hosts anti-adware / pups127.0.0.1 www.gratuit-telecharger.com # hosts anti-adware / pups127.0.0.1 www.haycfld.us # hosts anti-adware / pups127.0.0.1 www.haycfld.us/htmlscreens # hosts anti-adware / pups127.0.0.1 www.herz-fuer-musik.de # hosts anti-adware / pups127.0.0.1 www.homepa.ge # hosts anti-adware / pups127.0.0.1 www.hubbywatcheswife.biz # hosts anti-adware / pups127.0.0.1 www.ilivid.com # hosts anti-adware / pups127.0.0.1 www.instatrk.com # hosts anti-adware / pups127.0.0.1 www.kerasos.co # hosts anti-adware / pups127.0.0.1 www.kerion.pt # hosts anti-adware / pups127.0.0.1 www.keygendb.com # hosts anti-adware / pups127.0.0.1 www.kiallvirus.com # hosts anti-adware / pups127.0.0.1 www.koyotesoft.com # hosts anti-adware / pups127.0.0.1 www.lavideobuzz.com # hosts anti-adware / pups127.0.0.1 www.livecamsxxxnow.com # hosts anti-adware / pups127.0.0.1 www.mature-vulva.org # hosts anti-adware / pups127.0.0.1 www.media-app.com # hosts anti-adware / pups127.0.0.1 www.messengerdusexe.com # hosts anti-adware / pups127.0.0.1 www.messyxxxtube.biz # hosts anti-adware / pups127.0.0.1 www.messyxxxtube.biz # hosts anti-adware / pups127.0.0.1 www.mickyfastdl.com # hosts anti-adware / pups127.0.0.1 www.milfbeach.net # hosts anti-adware / pups127.0.0.1 www.milkiwaytuber.com # hosts anti-adware / pups127.0.0.1 www.mljanthrunorth.us # hosts anti-adware / pups127.0.0.1 www.moviehuts.com # hosts anti-adware / pups127.0.0.1 www.moviewodsite.com # hosts anti-adware / pups127.0.0.1 www.mspyapps.com # hosts anti-adware / pups127.0.0.1 www.mspylogs.com # hosts anti-adware / pups127.0.0.1 www.mybestpenis.com # hosts anti-adware / pups127.0.0.1 www.mypussygirls.com # hosts anti-adware / pups127.0.0.1 www.mypussygis.com # hosts anti-adware / pups127.0.0.1 www.mysexysister.biz # hosts anti-adware / pups127.0.0.1 www.nbconsuing.nl # hosts anti-adware / pups127.0.0.1 www.nbconsulting.nl # hosts anti-adware / pups127.0.0.1 www.neoyersonpc.org # hosts anti-adware / pups127.0.0.1 www.nlstorage.info # hosts anti-adware / pups127.0.0.1 www.nouveau-avast.com # hosts anti-adware / pups127.0.0.1 www.officialvideoconverter.com # hosts anti-adware / pups127.0.0.1 www.oldmo.org # hosts anti-adware / pups127.0.0.1 www.openadserving.com # hosts anti-adware / pups127.0.0.1 www.piraterfacebook.ws # hosts anti-adware / pups127.0.0.1 www.pisk.com # hosts anti-adware / pups127.0.0.1 www.playerplus.com # hosts anti-adware / pups127.0.0.1 www.pornuv.net # hosts anti-adware / pups127.0.0.1 www.powerpackdl.com # hosts anti-adware / pups127.0.0.1 www.premiumdownload.org # hosts anti-adware / pups127.0.0.1 www.putlocker-downloader.com # hosts anti-adware / pups127.0.0.1 www.puto.com # hosts anti-adware / pups127.0.0.1 www.reallycoolapp.com # hosts anti-adware / pups127.0.0.1 www.realtinypussy.org # hosts anti-adware / pups127.0.0.1 www.rediremylink.com # hosts anti-adware / pups127.0.0.1 www.removeonline.com # hosts anti-adware / pups127.0.0.1 www.retrogamer.com # hosts anti-adware / pups127.0.0.1 www.sckarteast.us # hosts anti-adware / pups127.0.0.1 www.sendfilesapp.com # hosts anti-adware / pups127.0.0.1 www.sexoss.net # hosts anti-adware / pups127.0.0.1 www.silentpornotube.com # hosts anti-adware / pups127.0.0.1 www.smuss.net # hosts anti-adware / pups127.0.0.1 www.softesdown.com # hosts anti-adware / pups127.0.0.1 www.softologic.com # hosts anti-adware / pups127.0.0.1 www.softologicsc.com # hosts anti-adware / pups127.0.0.1 www.software-files.net # hosts anti-adware / pups127.0.0.1 www.softwaresbay.com # hosts anti-adware / pups127.0.0.1 www.speedypc.com # hosts anti-adware / pups127.0.0.1 www.sps-experten.de # hosts anti-adware / pups127.0.0.1 www.spywarehelpcenter.com # hosts anti-adware / pups127.0.0.1 www.spywarehelpcenter.com # hosts anti-adware / pups127.0.0.1 www.spywareremove.com # hosts anti-adware / pups127.0.0.1 www.streaminghds.com # hosts anti-adware / pups127.0.0.1 www.supprimer-spyware.org # hosts anti-adware / pups127.0.0.1 www.telecharger-facile.com # hosts anti-adware / pups127.0.0.1 www.telechargers.net # hosts anti-adware / pups127.0.0.1 www.thelivetech.com # hosts anti-adware / pups127.0.0.1 www.tiptopsoft.org # hosts anti-adware / pups127.0.0.1 www.toplugs.com # hosts anti-adware / pups127.0.0.1 www.tuto4pc.com # hosts anti-adware / pups127.0.0.1 www.uniblue.com # hosts anti-adware / pups127.0.0.1 www.videoconveertool.net # hosts anti-adware / pups127.0.0.1 www.videodownloadconverter.com # hosts anti-adware / pups127.0.0.1 www.videoipa.com # hosts anti-adware / pups127.0.0.1 www.videoplusmusic.com # hosts anti-adware / pups127.0.0.1 www.vioplayer.com # hosts anti-adware / pups127.0.0.1 www.viuagirl.com # hosts anti-adware / pups127.0.0.1 www.wajam.com # hosts anti-adware / pups127.0.0.1 www.wiki-security.com # hosts anti-adware / pups127.0.0.1 www.windownloader24.com # hosts anti-adware / pups127.0.0.1 www.winload.de # hosts anti-adware / pups127.0.0.1 www.winpoal.fr # hosts anti-adware / pups127.0.0.1 www.wisedownloads.com # hosts anti-adware / pups127.0.0.1 www.wslinx.com # hosts anti-adware / pups127.0.0.1 www.xlplayer.com # hosts anti-adware / pups127.0.0.1 xmlinsp.ddbbvt.eu # hosts anti-adware / pups127.0.0.1 xmlinstcp.ddbbvt.eu # hosts anti-adware / pups127.0.0.1 xxxgifan.com # hosts anti-adware / pups127.0.0.1 xxxgirlfan.com # hosts anti-adware / pups127.0.0.1 xxx-values.com # hosts anti-adware / pups127.0.0.1 youngporn.it # hosts anti-adware / pups127.0.0.1 youngporn.it # hosts anti-adware / pups127.0.0.1 yourfiledownloader.net # hosts anti-adware / pups127.0.0.1 youwatch.org # hosts anti-adware / pups127.0.0.1 yrueo.info # hosts anti-adware / pups127.0.0.1 zvswmqoh.changeip.name # hosts anti-adware / pups# Copyright © 1993-2009 Microsoft Corp.## This is a sample HOSTS file used by Microsoft TCP/IP for Windows.## This file contains the mappings of IP addresses to host names. Each# entry should be kept on an individual line. The IP address should# be placed in the first column followed by the corresponding host name.# The IP address and the host name should be separated by at least one# space.## Additionally, comments (such as these) may be inserted on individual# lines or following the machine name denoted by a '#' symbol.## For example:## 102.54.94.97 rhino.acme.com # source server# 38.25.63.10 x.acme.com # x client host# localhost name resolution is handled within DNS itself.# 127.0.0.1 localhost# ::1 localhost#74.208.10.249 gs.apple.com Link to post Share on other sites More sharing options...
Maniac Posted May 21, 2013 ID:682274 Share Posted May 21, 2013 Hello frozengamer and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Please post the content of Attach.txt . Link to post Share on other sites More sharing options...
frozengamer Posted May 21, 2013 Author ID:682280 Share Posted May 21, 2013 Here is the attach file.Attach.zip Link to post Share on other sites More sharing options...
frozengamer Posted May 21, 2013 Author ID:682312 Share Posted May 21, 2013 Conflicting info so i am pasting contents of attached.txt as well..UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 UltimateBoot Device: \Device\HarddiskVolume3Install Date: 4/15/2011 11:42:30 AMSystem Uptime: 5/21/2013 8:02:13 AM (4 hours ago).Motherboard: ASRock | | P67 Extreme6Processor: Intel® Core i5-2500K CPU @ 3.30GHz | CPUSocket | 3301/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 238 GiB total, 5.716 GiB free.D: is FIXED (NTFS) - 1397 GiB total, 1172.174 GiB free.E: is FIXED (NTFS) - 1397 GiB total, 994.452 GiB free.F: is FIXED (NTFS) - 1397 GiB total, 487.476 GiB free.G: is CDROM ()H: is FIXED (NTFS) - 0 GiB total, 0.06 GiB free.I: is FIXED (NTFS) - 2794 GiB total, 37.044 GiB free.J: is FIXED (NTFS) - 2795 GiB total, 1663.123 GiB free.K: is FIXED (NTFS) - 0 GiB total, 0.06 GiB free.L: is FIXED (NTFS) - 2795 GiB total, 2373.684 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.No restore point in system..==== Installed Programs ======================."Vivisector" (Remove Only)4 ElementsA Game of DwarvesABBYY FineReader for ScanSnap 4.1ACE COMBAT™ ASSAULT HORIZON Enhanced EditionAcroPano Photo Stitcher, Panorama softwareAdam's Venture Episode 1: The Search For The Lost GardenAdam's Venture Episode 2: Solomon's SecretAdam's Venture Episode 3: RevelationsAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Photoshop Lightroom 5 Beta 64-bitAdobe Reader X (10.1.7)Aeon Command version 1.0.0.563Air ForteAirBuccaneersAiseesoft Blu-ray Ripper 6.3.62Aiseesoft iTunes Backup Genius 2.1.2Aiseesoft Total Media Converter 6.2.26Alan WakeAlan Wake's American NightmareAlawar Game BoxAlice Madness ReturnsAlice: Madness ReturnsAlien Shooter: RevisitedAlter EgoAmazon KindleAmazon MP3 Downloader 1.0.17AMD Accelerated Video TranscodingAMD APP SDK RuntimeAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD Media Foundation DecodersAmerican ConquestAmerican Conquest - Fight BackAnnie's MillionsAnodyneAnVir Task ManagerAOMEI Partition Assistant Pro Edition 5.1Apple Application SupportApple Mobile Device SupportApple Software UpdateApplication ProfilesArma 2: FreeAround the World in 80 DaysAshampoo Snap 4 v.4.3.1ASRock eXtreme Tuner v0.1.54Audiobook Downloader Pro 1.3Autonomous PrototypeAutoUnpack 4.5.2Autumn's Treasures the Jade CoinAvadon: The Black FortressAvery Wizard 4.0AwesomenautsAztakaBack to the Future: Ep 1 - It's About TimeBack to the Future: Ep 2 - Get Tannen!Back to the Future: Ep 3 - Citizen BrownBack to the Future: Ep 4 - Double VisionsBack to the Future: Ep 5 - OUTATIMEBarricade 3.5.1Batman - Arkham CityBatman: Arkham City™Battlefield 3™Battlefield: Bad Company™ 2BeamDog Launcher 1.8.1.0Bigasoft Total Video Converter 3.5.18.4353BioShock InfiniteBlack Lake PrototypeBlades of TimeBlocklandBlood Bowl: Legendary EditionBoilsoft Video Splitter 6.34BonjourBonjour Print ServicesBreachBrütal LegendBulletstormBYclouder Data Recovery ProcalibreCardMinderCardMinder V4.1Cargo CommanderCatalyst Control CenterCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCDRWIN 9Cities XL PlatinumCleverPrintClosureCoastal ExplorerCodename GordonCoilColour BindCommand & Conquer The First DecadeCompany of Heroes (New Steam Version)Condemned: Criminal OriginsConquest of Elysium 3Cossacks II: Battle for EuropeCossacks II: Napoleonic WarsCossacks: Art of WarCossacks: Back to WarCossacks: European WarsCPUID HWMonitor Pro 1.12CrashPlanCrazy MachinesCrazy Machines 1.5 Inventors Training CampCrazy Machines 1.5 New from the LabCrazy Machines 2Crazy Machines ElementsCrusader Kings IICrysis® 2Crysis®3Dark Souls: Prepare to Die EditionDarksiders IIDarksidersInstallerDarkspore™Dawn of Discovery - VeniceDawn of Fantasy: Kingdom WarsdBpoweramp Music ConverterDead PixelsDead Space™ 2DeadlightDebenu PDF Maximus 1.1.0.28Defenders of ArdaniaDefinition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionDemigodDeponiaDesuraDesura:Desura: 3079Desura: 8-Bit CommandoDesura: 99 Levels To HellDesura: A Kingdom for KeflingsDesura: Acceleration Of Suguri X-EditionDesura: AlterEgo: DreamWalkerDesura: Arkhelom 3DDesura: Band of BugsDesura: Bionic HeartDesura: Bullet Candy PerfectDesura: Cardinal QuestDesura: Caveman Craig 2Desura: Corril SlayerDesura: Da New GuysDesura: Dino Run SEDesura: DysisDesura: EnolaDesura: ERIEDesura: Escape GoatDesura: FireballDesura: Gentrieve 2Desura: HauntDesura: HeileenDesura: Helena The 3rdDesura: Hitogata HappaDesura: IchiDesura: Inferno+Desura: InfluenceDesura: Knytt UndergroundDesura: Koya RiftDesura: Lair of the EvildoerDesura: Little Racers STREETDesura: Love, By Fred WoodDesura: Lunnye Devitsy 2013Desura: ManhunterDesura: Metal DeadDesura: Miner Wars ArenaDesura: MiniFlakeDesura: moon.chase.starDesura: Mutant MuddsDesura: One Night: Full CircleDesura: Oozi: Earth AdventureDesura: OrczzDesura: Outpost KalokiDesura: PathologicDesura: PitmanDesura: Platformance: Castle PainDesura: Platformance: Temple DeathDesura: Private InfiltratorDesura: PushcatDesura: Qasir Al-Wasat: A Night in-BetweenDesura: RecruitsDesura: ReprisalDesura: RobotRiotDesura: Salvation ProphecyDesura: Savage XRDesura: Slender's WoodsDesura: SoulcasterDesura: Soulcaster IIDesura: SQUIDSDesura: stay deadDesura: Super CrossfireDesura: Super Space RubbishDesura: Talisman PrologueDesura: The NetworkDesura: The Real TexasDesura: The ShivahDesura: Tompi JonesDesura: TownsDesura: UnepicDesura: VitrumDesura: Wake 2013Desura: Warzone 2100Desura: Weird Worlds: Return to Infinite SpaceDesura: Wimp: Who Stole My Pants?Desura: Wyv and KeepDesura: Zafehouse: DiariesDesura: Zombies.Diablo IIIDiscord TimesDishonoredDLC QuestDOOM 3: BFG EditionDragon Age IIDrakensangDrakensang 2 - Phileasson's SecretDriver Magician 3.65Driver San FranciscoDriver Sweeper 2.1.0DropboxDungeon HeartsDUNGEONS - The Dark Lord (Steam Special Edition)Dungeons and Dragons Anthology: The Master CollectionDuplicate Cleaner 2.1bDuplicate Cleaner Pro 3.0.4EA Shared Game Component: ActivationEarth Defense Force: Insect ArmageddonEaseUS Data Recovery Wizard 5.6.5EASEUS Data Recovery Wizard Free Edition 5.5.1EaseUS Partition Master 9.2.1 ProfessionalEasy Drive Data RecoveryEdna & Harvey: Harvey's New EyesEnclaveESN SonareSupport UndeletePlus 3.0.2.1214Etron USB3.0 Host ControllerEvernote v. 4.6.3Everything 1.2.1.371Evochron MercenaryExplodemonExplorerXP (remove only)F.luxFairy Bloom FreesiaFantapper PlayerFar Cry 3Far Cry 3 Blood DragonFarmscapesFashion Seasonffdshow [rev 3154] [2009-12-09]FileAlyzer 2FileToFolderFishdomFishdom H2O - Hidden OdysseyForgeForge Beta version 1.0FreeArc 0.666Freespace 2FTL: Faster Than LightGalactic Civilizations I: Ultimate EditionGame Booster 3GameFlyGameSave ManagerGameStop AppGatling GearsGettysburg: Armored WarfareGlary Utilities 2.54.0.1759GOG.com Downloader version 3.4.8GOG.com PowerslideGoogle ChromeGoogle Talk PluginGoogle Update HelperGratuitous Space BattlesGrotesque Tactics 2 - Dungeons and DonutsGuns of Icarus OnlineHack n Slash PrototypeHamlet or the last game without MMORPG features, shaders and product placementHD Tune 2.55HD Tune Pro 5.00HinterlandHotel Giant 2Hotline MiamiHP webOS® Doctor Build 71.68, webOS 3.0.2I Am AliveiBomber AttackiBomber Defense PacificImgBurnInca BallInpaint 4.3Intel® Control CenterIntel® Rapid Storage TechnologyInversion™Iron BrigadeIronclads: American Civil WarIronclads: Anglo Russian War 1866Ironclads: Chincha Islands War 1866Ironclads: High SeasIronclads: Schleswig War 1864iTunesJava 7 Update 21Java Auto UpdaterJava 6 Update 26Jet Downloaderjust another nasty editorKao - 2nd roundKilling FloorKilling Floor Mod: Defence Alliance 2King's Bounty: Warriors of the NorthKing Arthur II - The Role-playing WargameKingdoms of Amalur: ReckoningKingdoms of Amalur: Reckoning™Knytt Underground 1.0KraterKung Fu Strike: The Warrior's RiseLa-MulanaLangoMax Adult AdvantageLastPass (uninstall only)LEGO Lord of the RingsLink Shell ExtensionLogitech Gaming SoftwareLogitech Gaming Software 8.40LuciusLunnye DevitsyMagi version 1.4MahJong Suite 2012 v9.0Malwarebytes Anti-Malware version 1.75.0.1300Mark of the Ninjamarvell 91xx driverMass Effect 2Mata HariMelomaniaMercenaries 2 World in Flames™Microsoft .NET Framework 1.1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft IntelliPoint 8.2Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Windows SDK for Windows 7 (7.0)Microsoft Windows SDK for Windows 7 Common Utilities (40715)Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715)Microsoft Windows SDK Intellisense and Reference Assemblies (40715)Microsoft Xbox 360 Accessories 1.2Microsoft XNA Framework Redistributable 3.0Microsoft XNA Framework Redistributable 3.1Microsoft XNA Framework Redistributable 4.0MightierMiner Wars 2081Miner Wars Arena Special EditionMoonbase AlphaMozilla Firefox 20.0.1 (x86 en-US)Mozilla Maintenance ServiceMp3tag v2.50MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MUD - FIM Motocross World Championship™MusicIP Mixer 1.9My Game Long NameMyKeyFinderMystery of Mortlake MansionNaval War: Arctic CircleNeed for Speed Hot PursuitNethergate: ResurrectionNeverwinternGlide 1.00NiGHTS into Dreams...NirSoft BlueScreenViewnito InstallerNitronic Rush (2012-06-19) version 20120619.0NovacomdNVIDIA Install ApplicationNVIDIA PhysXOffspring Fling!Ontrack EasyRecovery ProfessionalOpenALOracle VM VirtualBox 4.2.12OriginPainkiller Hell & DamnationPando Media BoosterPar-N-Rar 1.3Paragon Backup and Recovery™ 11 Compact EditionParty of SinPath of ExilePDF24 Creator 5.2.0Peggle ExtremePenny Arcade's On the Rain-Slick Precipice of Darkness 3PerimeterPeter Jackson's King Kong - Gamers EditionPicasa 3Picasa UploaderPidPirates of Black CovePlanets Under AttackPlexPlus Pack for Acronis True Image Home 2012POSTALPowerslidePrimal CarnagePrimal FearsProcess LassoProject SPunkBuster ServicesQuickPar 0.9QuickSFV (Remove only)Race Cars - The Extreme RallyRainlendar2 (remove only)Rapture3D 2.4.8 GameRayman 3 version 1.0Realtek Ethernet Controller DriverRealtek High Definition Audio DriverRecoveryDesk 3.7.1RecuvaRed Orchestra 2: Heroes of StalingradRed Orchestra 2: Heroes of Stalingrad BetaResonanceRetouch Pilot Free 3.4.1RhapsodyRidge Racer™ UnboundedRidNacs 2.0.3RIFT™Roblox for ChrisRocketbirds: Hardboiled ChickenRocksmithRockstar Games Social ClubRoyal EnvoySacrificeSandboxie 3.56 (64-bit)SataziusScanSnapScanSnap ManagerScanSnap OrganizerScraplandScribblenauts UnlimitedSeaTools for WindowsSecunia PSI (3.0.0.3001)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 64-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 64-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 64-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 64-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 64-Bit EditionSEGA Genesis & Mega Drive ClassicsSerif PanoramaPlus Starter EditionShad'OShadow DefenderShadow Harvest: Phantom OpsShank 2Shift 2 UnleashedSHIFT 2 UNLEASHED™Skype™ 5.10Slam Bolt ScrappersSnapshotSniper: Ghost WarriorSnuggle TruckSpacebase DF-9 PrototypeSpacewarSpartanSpirit Of WanderingSpliceSplit/SecondSpotifySpybot - Search & DestroyStar Prospector 1.01SteamStill LifeStorm in a TeacupSTORM: Frontline NationSugar Cube: Bittersweet FactorySuper HexagonSuper House of Dead NinjasSUPERAntiSpywareSuperCopier2Sword of the Stars II: Enhanced EditionSystem Requirements Lab for IntelTag&Rename 3.6.1TagScanner 5.1.610TeamSpeak 3 ClientTeamViewer 8The Basement CollectionThe Chronicles of Riddick - Assault on Dark AthenaThe Journey Down: Chapter OneThe Lost Inca ProphecyThe Saboteur™The Secret WorldThe Tiny Bang StoryThe Whispered WorldThe White Birch PrototypeThe Witcher 2 - Assassins of KingsThirty Flights of LovingTicket to RideTides & CurrentsTiny and Big - Grandpa's Leftovers (remove only)Tiny TroopersTipard Video Converter Platinum 6.2.16Tom Clancy's Rainbow Six 3: Athena SwordTomb RaiderTomTom HOME 2.8.3.2499TomTom HOME Visual Studio Merge ModulesTotal Annihilation KingdomsTrackMania² Stadium Open BetaTranscriptedtruShuffle 1.5Two Worlds II Castle DefenseUbisoft Game LauncherUE3RedistUndelete 360Unity Web PlayerUnmechanicalUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2598242) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 64-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 64-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 64-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 64-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit EditionUplayVideo Cutter 1.0Viking: Battle for AsgardVirtualCloneDriveVLC media player 2.0.6Voxatron 0.1.3WakeWaking MarsWarcraft IIIWarhammer 40,000: Dawn of War - Game of the Year EditionWarhammer® 40,000™: Dawn of War® II - Chaos Rising™Warhammer® 40,000™: Dawn of War® II – Retribution™Warlock - Master of the ArcaneWeird Worlds: Return to Infinite SpaceWhereIsIt? 2011WinampWinamp Detector Plug-inWindows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)Windows Live ID Sign-in AssistantWindows SDK IntellidocsWinISOWinRAR 4.01 (64-bit)WinX DVD Copy Pro 3.4.3Wondershare PDF Converter (Build 3.0.0)Wondershare Video Studio Express(Build 1.2.0.5)World's Greatest Places MahjongXBMCHUB WizardXfire (remove only)XYplorer 11.90Yahoo! BrowserPlus 2.9.8YOU DON'T KNOW JACKZombie Driver HDZombie Pirates.==== Event Viewer Messages From Past Week ========.5/21/2013 8:45:10 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.5/21/2013 8:09:15 AM, Error: Service Control Manager [7030] - The HOSTS Anti-PUPs service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.5/21/2013 8:02:44 AM, Error: Service Control Manager [7000] - The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: The system cannot find the file specified.5/20/2013 8:44:59 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.5/20/2013 8:44:59 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted May 22, 2013 ID:682434 Share Posted May 22, 2013 Step 1Please uninstall this application: Fantapper PlayerStep 2Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 3Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.Step 4Please download AdwCleaner from here and save it on your Desktop. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.Now click on the Search tab.Please post the contents of the log-file created in your next post.Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.Step 5 Download on the desktop RogueKiller Quit all programs Start RogueKiller.exe Wait until Prescan has finished ... Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.In your next reply, post the following log files:Junkware Removal Tool logMalwarebytes' Anti-Malware logAdwCleaner logRogueKiller log Link to post Share on other sites More sharing options...
frozengamer Posted May 22, 2013 Author ID:682715 Share Posted May 22, 2013 I ran into at least one problem. Roguekiller crashes on MBR scan, i have attached the log of everything but MBR scan. I tried this quite a few times, also something filled my C drive and brought it to zero space a few times and at least once hosts file was infected while i have been working on the steps. I changed hosts file back to original and then i made it read only and it hasn't been infected since.Here are the logs.Fantapper player uninstalled successfully according to add remove programs.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.9.4 (05.06.2013:1)OS: Windows 7 Ultimate x64Ran by Chris on Wed 05/22/2013 at 7:13:27.34~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ Files~~~ FoldersSuccessfully deleted: [Folder] "C:\Program Files (x86)\wondershare"~~~ FireFoxSuccessfully deleted: [File] "C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\vwt9s9m4.default\extensions\sabnzbdstatus@dq5studios.com.xpi"Successfully deleted: [Folder] C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\vwt9s9m4.default\jetpackSuccessfully deleted: [Folder] C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\vwt9s9m4.default\extensions\stagedEmptied folder: C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\vwt9s9m4.default\minidumps [39 files]~~~ Event Viewer Logs were clearedMalwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.05.21.06Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16576Chris :: BOSS [administrator]5/22/2013 8:55:56 AMmbam-log-2013-05-22 (08-55-56).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 228664Time elapsed: 2 minute(s), 38 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)# AdwCleaner v2.301 - Logfile created 05/22/2013 at 09:18:51# Updated 16/05/2013 by Xplode# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)# User : Chris - BOSS# Boot Mode : Normal# Running from : C:\Users\Chris\Desktop\adwcleaner(1).exe# Option [search]***** [services] ********** [Files / Folders] *****Folder Found : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\staged***** [Registry] ********** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16576[OK] Registry is clean.-\\ Mozilla Firefox v21.0 (en-US)File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\prefs.js[OK] File is clean.-\\ Google Chrome v26.0.1410.64File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [2844 octets] - [21/05/2013 08:00:05]AdwCleaner[R2].txt - [1138 octets] - [21/05/2013 08:37:34]AdwCleaner[R3].txt - [1031 octets] - [22/05/2013 09:18:51]AdwCleaner[s1].txt - [2793 octets] - [21/05/2013 08:00:41]########## EOF - C:\AdwCleaner[R3].txt - [1151 octets] ##########RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Chris [Admin rights]Mode : Scan -- Date : 05/22/2013 13:56:30| ARK || FAK |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 4 ¤¤¤[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ Extern Hives: ¤¤¤-> D:\windows\system32\config\SOFTWARE-> D:\windows\system32\config\SYSTEM-> D:\Users\chris\NTUSER.DAT-> D:\Users\Default\NTUSER.DAT-> D:\Users\Default User\NTUSER.DAT-> D:\Documents and Settings\Default\NTUSER.DAT-> D:\Documents and Settings\Default User\NTUSER.DAT¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤Finished : << RKreport[2]_S_05222013_02d1356.txt >>RKreport[1]_S_05222013_02d1343.txt ; RKreport[2]_S_05222013_02d1356.txt Link to post Share on other sites More sharing options...
Maniac Posted May 23, 2013 ID:682839 Share Posted May 23, 2013 Step 1Please re-run AdwCleanerClick on Delete button.Confirm each time with OK.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.Step 2Please scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.Save it to your Desktop.Double click on the to download the ESET Smart Installer. icon on your Desktop.[*]Check "YES, I accept the Terms of Use."[*]Click the Start button.[*]Accept any security warnings from your browser.[*]Under Scan Settings, check "Scan Archives" and "Remove found threats" [*]Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technology[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[*]When the scan completes, click List Threats[*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[*]Click the Back button.[*]Click the Finish button.In your next reply, post the following log files:AdwCleaner logESET Online Scanner log Link to post Share on other sites More sharing options...
frozengamer Posted May 25, 2013 Author ID:683418 Share Posted May 25, 2013 Here are the scans,Please note that since i have made hosts file to read only that every time i reboot a corrupted hosts.txt file shows up in C:/windows/temp/ with the following text, but does not successfully change the hosts file.127.0.0.1 00aaf101a7.gougava.asia # hosts anti-adware / pups127.0.0.1 08sr.combineads.info # hosts anti-adware / pups127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups127.0.0.1 1a2e115593.efacen.pro # hosts anti-adware / pups127.0.0.1 1f1.fr # hosts anti-adware / pups127.0.0.1 1facebookhackeronline.blogspot.no # hosts anti-adware / pups127.0.0.1 2010-fr.com # hosts anti-adware / pups127.0.0.1 2012-new.biz # hosts anti-adware / pups127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups127.0.0.1 24h00business.com # hosts anti-adware / pups127.0.0.1 33black.porn-quest.net # hosts anti-adware / pups127.0.0.1 4672ee0bc8.laibritec.waw.pl # hosts anti-adware / pups127.0.0.1 4990usd.com # hosts anti-adware / pups127.0.0.1 4xp.com # hosts anti-adware / pups127.0.0.1 74.80.131.123 # hosts anti-adware / pups127.0.0.1 78031d2298.tradorad.waw.pl # hosts anti-adware / pups127.0.0.1 80323fcc6e.starsogor.waw.pl # hosts anti-adware / pups127.0.0.1 888.rahon.org # hosts anti-adware / pups127.0.0.1 8e47c22037.temavi.pro # hosts anti-adware / pups127.0.0.1 94eb028571.eimeefiewe.pisz.pl # hosts anti-adware / pups127.0.0.1 96910cbcd4.nicero.pro # hosts anti-adware / pups127.0.0.1 96fb625592.tysofque.waw.pl:82 # hosts anti-adware / pups127.0.0.1 98eu.info # hosts anti-adware / pups127.0.0.1 ack.cdnperformance.info # hosts anti-adware / pups127.0.0.1 acking.conversionads.com # hosts anti-adware / pups127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups127.0.0.1 ad.adn360.com # hosts anti-adware / pups127.0.0.1 adeartss.eu # hosts anti-adware / pups127.0.0.1 adesoeasy.eu # hosts anti-adware / pups127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups127.0.0.1 ads.aff.co # hosts anti-adware / pups127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups127.0.0.1 ads.eorezo.com # hosts anti-adware / pups127.0.0.1 ads.hooqy.com # hosts anti-adware / pups127.0.0.1 ads.icksor.com # hosts anti-adware / pups127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups127.0.0.1 ads.tersecta.com # hosts anti-adware / pups127.0.0.1 aduatnight.com # hosts anti-adware / pups127.0.0.1 adultatnight.com # hosts anti-adware / pups127.0.0.1 adultsextools.com # hosts anti-adware / pups127.0.0.1 a.dungtank.com # hosts anti-adware / pups127.0.0.1 adwareale.com # hosts anti-adware / pups127.0.0.1 aff.foxtab.com # hosts anti-adware / pups127.0.0.1 affilibot.eu # hosts anti-adware / pups127.0.0.1 afhhhfegd.co.cc # hosts anti-adware / pups127.0.0.1 afhhhfegd.co. # hosts anti-adware / pups127.0.0.1 afoula.biz # hosts anti-adware / pups127.0.0.1 agence-exusive.com # hosts anti-adware / pups127.0.0.1 a.juiceknowledge.com # hosts anti-adware / pups127.0.0.1 ak.imgfa.com # hosts anti-adware / pups127.0.0.1 ak.imgfarm.com # hosts anti-adware / pups127.0.0.1 amaranth-plant.ru # hosts anti-adware / pups127.0.0.1 antivirusgratuit.vg # hosts anti-adware / pups127.0.0.1 antivirus.nouvee-version.net # hosts anti-adware / pups127.0.0.1 anygadget.info # hosts anti-adware / pups127.0.0.1 api.downloadmr.com # hosts anti-adware / pups127.0.0.1 api.yontoo.com # hosts anti-adware / pups127.0.0.1 apnmedia.ask.com # hosts anti-adware / pups127.0.0.1 application-eor.net # hosts anti-adware / pups127.0.0.1 application-error.net # hosts anti-adware / pups127.0.0.1 app.media-app.com # hosts anti-adware / pups127.0.0.1 app.offerbox.com # hosts anti-adware / pups127.0.0.1 app.softimizer.com # hosts anti-adware / pups127.0.0.1 app.wideseam6.com # hosts anti-adware / pups127.0.0.1 argentastuce.com # hosts anti-adware / pups127.0.0.1 argent-avail-domicile.fr # hosts anti-adware / pups127.0.0.1 argent-domicile.eu # hosts anti-adware / pups127.0.0.1 argent-vital.com # hosts anti-adware / pups127.0.0.1 ascentive.com # hosts anti-adware / pups127.0.0.1 atelecharger.info # hosts anti-adware / pups127.0.0.1 augmentersesrevenus.pyie.com # hosts anti-adware / pups127.0.0.1 auto-webcash.com # hosts anti-adware / pups127.0.0.1 avaaffic.com # hosts anti-adware / pups127.0.0.1 availchezsoi.onlc.fr # hosts anti-adware / pups127.0.0.1 avail-d-equipe.com # hosts anti-adware / pups127.0.0.1 availleur-a-domicile.com # hosts anti-adware / pups127.0.0.1 avigora.com # hosts anti-adware / pups127.0.0.1 avs4you.com # hosts anti-adware / pups127.0.0.1 bababiz.com # hosts anti-adware / pups127.0.0.1 badusoft.com # hosts anti-adware / pups127.0.0.1 banner.kuliyev.com # hosts anti-adware / pups127.0.0.1 b.bestofmedia.com # hosts anti-adware / pups127.0.0.1 be2.fr # hosts anti-adware / pups127.0.0.1 bestflvplayer.net # hosts anti-adware / pups127.0.0.1 bfd34af056e54c8abcb9dd50862f0b9b.integration.download.conduit-services.com # hosts anti-adware / pups127.0.0.1 bidfun.fr # hosts anti-adware / pups127.0.0.1 bisexywoman.biz # hosts anti-adware / pups127.0.0.1 b.juiceknowledge.com # hosts anti-adware / pups127.0.0.1 blacksxxx.org # hosts anti-adware / pups127.0.0.1 blog.upoharbd.com # hosts anti-adware / pups127.0.0.1 boolu.springjapan.info # hosts anti-adware / pups127.0.0.1 boostersonpc.com # hosts anti-adware / pups127.0.0.1 buzz-france.info # hosts anti-adware / pups127.0.0.1 byteseeder.com # hosts anti-adware / pups127.0.0.1 c756514600.phailifaiy.nysa.pl # hosts anti-adware / pups127.0.0.1 c8783b9ac3.ebafap.pro # hosts anti-adware / pups127.0.0.1 cache-download.real.com # hosts anti-adware / pups127.0.0.1 caefourinternet.com # hosts anti-adware / pups127.0.0.1 cash-avalanches.com # hosts anti-adware / pups127.0.0.1 cash-methodes.be # hosts anti-adware / pups127.0.0.1 cash-professor.com # hosts anti-adware / pups127.0.0.1 casinoonlinecash.org # hosts anti-adware / pups127.0.0.1 cdn.appround.biz # hosts anti-adware / pups127.0.0.1 cdn.bigspeedpro.com # hosts anti-adware / pups127.0.0.1 cdn.bispd.com # hosts anti-adware / pups127.0.0.1 cdn.bisrv.com # hosts anti-adware / pups127.0.0.1 cdn.download.sweetpacks.com # hosts anti-adware / pups127.0.0.1 cdneu.bestflvplayer.net # hosts anti-adware / pups127.0.0.1 cdneu.coolvideoconveer.com # hosts anti-adware / pups127.0.0.1 cdneu.coolvideoconverter.com # hosts anti-adware / pups127.0.0.1 cdneu.driverpackcdn.com # hosts anti-adware / pups127.0.0.1 cdneu.friedcookiescdn.com # hosts anti-adware / pups127.0.0.1 cdneu.onedownloadspot.com # hosts anti-adware / pups127.0.0.1 cdneu.telechargercdn.com # hosts anti-adware / pups127.0.0.1 cdn.guttastatdk.us # hosts anti-adware / pups127.0.0.1 cdn.inskinmedia.com # hosts anti-adware / pups127.0.0.1 cdn.insta.oibundles2.com # hosts anti-adware / pups127.0.0.1 cdn.insta.playbryte.com # hosts anti-adware / pups127.0.0.1 cdn.llogetfastcach.us # hosts anti-adware / pups127.0.0.1 cdn.montiera.com # hosts anti-adware / pups127.0.0.1 cdn.msdwnld.com # hosts anti-adware / pups127.0.0.1 cdn.shyapotato.us # hosts anti-adware / pups127.0.0.1 cdn.solimba.com # hosts anti-adware / pups127.0.0.1 cdn.tuto4pc.com # hosts anti-adware / pups127.0.0.1 cdnus.bestflvplayer.net # hosts anti-adware / pups127.0.0.1 cdnus.coolflvplayer.com # hosts anti-adware / pups127.0.0.1 cdnus.driverpackcdn.com # hosts anti-adware / pups127.0.0.1 cdnus.extrimdownloadmanager.com # hosts anti-adware / pups127.0.0.1 cdnus.ironcdn.com # hosts anti-adware / pups127.0.0.1 cdnus.onedownloadspot.com # hosts anti-adware / pups127.0.0.1 cdnus.telechargercdn.com # hosts anti-adware / pups127.0.0.1 c.download-best-softwares.com # hosts anti-adware / pups127.0.0.1 cen.incredibar.com # hosts anti-adware / pups127.0.0.1 centerblog.net # hosts anti-adware / pups127.0.0.1 cf1.vuze.com # hosts anti-adware / pups127.0.0.1 cfnmhdtube.net # hosts anti-adware / pups127.0.0.1 cfnmhdtube.org # hosts anti-adware / pups127.0.0.1 c-full.info # hosts anti-adware / pups127.0.0.1 checkmate121.com # hosts anti-adware / pups127.0.0.1 chevaux8.free.fr # hosts anti-adware / pups127.0.0.1 choiceadu.com # hosts anti-adware / pups127.0.0.1 choiceadult.com # hosts anti-adware / pups127.0.0.1 cia.mediahubaffiliates.biz # hosts anti-adware / pups127.0.0.1 clubcasino.biz # hosts anti-adware / pups127.0.0.1 c-mediaplayer-2010.com # hosts anti-adware / pups127.0.0.1 cms.distributionengine.conduit-services.com # hosts anti-adware / pups127.0.0.1 coachforlife.info # hosts anti-adware / pups127.0.0.1 commeneussir.com # hosts anti-adware / pups127.0.0.1 comment-gagner-argent-internet.fr # hosts anti-adware / pups127.0.0.1 content.sweetim.com # hosts anti-adware / pups127.0.0.1 couplefree.com # hosts anti-adware / pups127.0.0.1 cpafixadvertiser.info # hosts anti-adware / pups127.0.0.1 cp.tuguu.com # hosts anti-adware / pups127.0.0.1 crakkkus.tk # hosts anti-adware / pups127.0.0.1 crazyspandacasino.com # hosts anti-adware / pups127.0.0.1 create-ringtones.com # hosts anti-adware / pups127.0.0.1 cs.adxpansion.com # hosts anti-adware / pups127.0.0.1 c.vg # hosts anti-adware / pups127.0.0.1 d1m9ge5vns34so.oudfront.net # hosts anti-adware / pups127.0.0.1 d1w467en2eqqh2.oudfront.net # hosts anti-adware / pups127.0.0.1 d2qsma9t6l5kt7.oudfront.net # hosts anti-adware / pups127.0.0.1 d30p0quhwpvm.cloudfront.net # hosts anti-adware / pups127.0.0.1 d61.newplaysite.com # hosts anti-adware / pups127.0.0.1 d62.newplaysite.com # hosts anti-adware / pups127.0.0.1 d63.newplaysite.com # hosts anti-adware / pups127.0.0.1 d64.newplaysite.com # hosts anti-adware / pups127.0.0.1 d71.newplaysite.com # hosts anti-adware / pups127.0.0.1 d74.newplaysite.com # hosts anti-adware / pups127.0.0.1 dagence.com # hosts anti-adware / pups127.0.0.1 data.downloadstaer.net # hosts anti-adware / pups127.0.0.1 data.oa-software.com # hosts anti-adware / pups127.0.0.1 datefks.info # hosts anti-adware / pups127.0.0.1 dating-adult-sex.com # hosts anti-adware / pups127.0.0.1 dating-club.biz # hosts anti-adware / pups127.0.0.1 dating.marmaladepark.com # hosts anti-adware / pups127.0.0.1 datingpoland.com # hosts anti-adware / pups127.0.0.1 datingsitenow.com # hosts anti-adware / pups127.0.0.1 dating.voltesempre.org # hosts anti-adware / pups127.0.0.1 db.nordicx.net # hosts anti-adware / pups127.0.0.1 db.prepay-africa.com # hosts anti-adware / pups127.0.0.1 dde.integration.storage.conduit-services.com # hosts anti-adware / pups127.0.0.1 dec.pcvideosfreedownload.com # hosts anti-adware / pups127.0.0.1 delargenapide.canalblog.com # hosts anti-adware / pups127.0.0.1 delivery.afficbroker.com # hosts anti-adware / pups127.0.0.1 delta.goforfiles.com # hosts anti-adware / pups127.0.0.1 depanne-pc.com # hosts anti-adware / pups127.0.0.1 depanne-pc.info # hosts anti-adware / pups127.0.0.1 dereteweret.org # hosts anti-adware / pups127.0.0.1 dev.oud4pc.com # hosts anti-adware / pups127.0.0.1 dfast.us # hosts anti-adware / pups127.0.0.1 dfc.mediaformatconverter.com # hosts anti-adware / pups127.0.0.1 d.freevideosfordownload.com # hosts anti-adware / pups127.0.0.1 dfr.eorezo.com # hosts anti-adware / pups127.0.0.1 dhc.freewindowsmediaconverter.com # hosts anti-adware / pups127.0.0.1 direct.excellerater.com # hosts anti-adware / pups127.0.0.1 dl01.socdn.com # hosts anti-adware / pups127.0.0.1 dl6.iq7download.com # hosts anti-adware / pups127.0.0.1 dl.babylon.com # hosts anti-adware / pups127.0.0.1 dl.cdn-services.com # hosts anti-adware / pups127.0.0.1 dlfr.tuto4pc.com # hosts anti-adware / pups127.0.0.1 dl.instaiq.com # hosts anti-adware / pups127.0.0.1 dlmanager.net # hosts anti-adware / pups127.0.0.1 dl-plugin.com # hosts anti-adware / pups127.0.0.1 dls.nicdls.com # hosts anti-adware / pups127.0.0.1 dls.softgratuit.com # hosts anti-adware / pups127.0.0.1 dls.softlate.com # hosts anti-adware / pups127.0.0.1 dl.v2.domaiq.com # hosts anti-adware / pups127.0.0.1 dn.download-manage.com # hosts anti-adware / pups127.0.0.1 dnld.instacore.com # hosts anti-adware / pups127.0.0.1 dofus-kamas.net # hosts anti-adware / pups127.0.0.1 domaiq.com # hosts anti-adware / pups127.0.0.1 downlesoft.com # hosts anti-adware / pups127.0.0.1 download2.us # hosts anti-adware / pups127.0.0.1 downloadcdn.beerinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.betterinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.betterinstaller.com # hosts anti-adware / pups127.0.0.1 downloadcdn.filebulldog.com # hosts anti-adware / pups127.0.0.1 download.cdn.ftalk.com # hosts anti-adware / pups127.0.0.1 download.cdn.imesh.com # hosts anti-adware / pups127.0.0.1 download.cdn.koyotesoft.com # hosts anti-adware / pups127.0.0.1 download.cdnperfoance.info # hosts anti-adware / pups127.0.0.1 download.cdnperformance.info # hosts anti-adware / pups127.0.0.1 download.cdn.torchbrowser.com # hosts anti-adware / pups127.0.0.1 do-wn-lo-ad.com # hosts anti-adware / pups127.0.0.1 download.fr.filewin.com # hosts anti-adware / pups127.0.0.1 download.fuzezip.com # hosts anti-adware / pups127.0.0.1 download.ilivid.com # hosts anti-adware / pups127.0.0.1 download.imesh.com # hosts anti-adware / pups127.0.0.1 download.instabrain.com # hosts anti-adware / pups127.0.0.1 download.ircfast.com # hosts anti-adware / pups127.0.0.1 download.jzip.com # hosts anti-adware / pups127.0.0.1 download.loipop-network.com # hosts anti-adware / pups127.0.0.1 download.lollipop-network.com # hosts anti-adware / pups127.0.0.1 downloadsecurise.com # hosts anti-adware / pups127.0.0.1 download.shoptowin.net # hosts anti-adware / pups127.0.0.1 downloads.malavida.net # hosts anti-adware / pups127.0.0.1 downloadsoftfr.com # hosts anti-adware / pups127.0.0.1 download.softiglu.com # hosts anti-adware / pups127.0.0.1 download.telechargers.net # hosts anti-adware / pups127.0.0.1 download.televisionfanatic.com # hosts anti-adware / pups127.0.0.1 download.toggle.com # hosts anti-adware / pups127.0.0.1 download.wajam.com # hosts anti-adware / pups127.0.0.1 download.winds10.com # hosts anti-adware / pups127.0.0.1 driverutilities.com # hosts anti-adware / pups127.0.0.1 dt3j8jg8ei6zr.oudfront.net # hosts anti-adware / pups127.0.0.1 durable.com # hosts anti-adware / pups127.0.0.1 e446c146c2.artrardf.su # hosts anti-adware / pups127.0.0.1 easyformulaforsuccess.org # hosts anti-adware / pups127.0.0.1 easyfoulaforsuccess.org # hosts anti-adware / pups127.0.0.1 ebook-generation.com # hosts anti-adware / pups127.0.0.1 ebooks-reussite.com # hosts anti-adware / pups127.0.0.1 eee791ae0f.iffica.waw.pl # hosts anti-adware / pups127.0.0.1 egirlsex.com # hosts anti-adware / pups127.0.0.1 egisex.com # hosts anti-adware / pups127.0.0.1 elecharger.superfiles.com # hosts anti-adware / pups127.0.0.1 enigmasoftware.com # hosts anti-adware / pups127.0.0.1 eorezo.com # hosts anti-adware / pups127.0.0.1 ero-odnoklassniki.info # hosts anti-adware / pups127.0.0.1 eu.paydaycashloanadvancea2478.com # hosts anti-adware / pups127.0.0.1 explorer-2010.com # hosts anti-adware / pups127.0.0.1 facebookmotdepasse.blogspot.fr # hosts anti-adware / pups127.0.0.1 facebook-piraters.blogspot.fr # hosts anti-adware / pups127.0.0.1 facenouf.com # hosts anti-adware / pups127.0.0.1 fafrenzyforwindows.com # hosts anti-adware / pups127.0.0.1 farmfrenzyforwindows.com # hosts anti-adware / pups127.0.0.1 fatihkocyigit.com.tr # hosts anti-adware / pups127.0.0.1 fedrekpolik.org # hosts anti-adware / pups127.0.0.1 feed.extremelyorange.com # hosts anti-adware / pups127.0.0.1 feed.gadarnews.com # hosts anti-adware / pups127.0.0.1 fetolbus.ru # hosts anti-adware / pups127.0.0.1 ff.conduit-download.com # hosts anti-adware / pups127.0.0.1 fichier1.easycommander.com # hosts anti-adware / pups127.0.0.1 file-exactor.com # hosts anti-adware / pups127.0.0.1 files123321.uk.to # hosts anti-adware / pups127.0.0.1 files.download1ick.ws # hosts anti-adware / pups127.0.0.1 files.iranapps.com # hosts anti-adware / pups127.0.0.1 files.vaultnoir.com # hosts anti-adware / pups127.0.0.1 find2download.fr # hosts anti-adware / pups127.0.0.1 flexweb.getyoursoft.com # hosts anti-adware / pups127.0.0.1 flintporn.com # hosts anti-adware / pups127.0.0.1 flirtube.com # hosts anti-adware / pups127.0.0.1 flvmplayer.com # hosts anti-adware / pups127.0.0.1 flvmplayer.s3-website-us-east-1.amazonaws.com # hosts anti-adware / pups127.0.0.1 fmccijsu.changeip.org # hosts anti-adware / pups127.0.0.1 founeacademie.com # hosts anti-adware / pups127.0.0.1 francais.babylon.com # hosts anti-adware / pups127.0.0.1 fr.ask.com # hosts anti-adware / pups127.0.0.1 freeaddons.free.fr # hosts anti-adware / pups127.0.0.1 freecompressor.com # hosts anti-adware / pups127.0.0.1 freecensoredvidz.org # hosts anti-adware / pups127.0.0.1 freemomsexxx7.com # hosts anti-adware / pups127.0.0.1 french.ircfast.com # hosts anti-adware / pups127.0.0.1 fr.excite.eu # hosts anti-adware / pups127.0.0.1 fr.iminent.com # hosts anti-adware / pups127.0.0.1 fr.malavida.com # hosts anti-adware / pups127.0.0.1 fr.phreat.com # hosts anti-adware / pups127.0.0.1 fr.smeet.com # hosts anti-adware / pups127.0.0.1 fr.winds10.com # hosts anti-adware / pups127.0.0.1 ftp2solls.org # hosts anti-adware / pups127.0.0.1 functionjs.com # hosts anti-adware / pups127.0.0.1 functionjs.com # hosts anti-adware / pups127.0.0.1 fupackcodecs.com # hosts anti-adware / pups127.0.0.1 fupackvista.com # hosts anti-adware / pups127.0.0.1 gagner-argent.blog4ever.com # hosts anti-adware / pups127.0.0.1 gagnerargent.blog4ever.com # hosts anti-adware / pups127.0.0.1 gagner-argent-domicile.be # hosts anti-adware / pups127.0.0.1 gagnerargentnet.canalblog.com # hosts anti-adware / pups127.0.0.1 gagner-de-l-argent-facile.net # hosts anti-adware / pups127.0.0.1 gagner-de-l-argent.org # hosts anti-adware / pups127.0.0.1 gagner-du-temps.eu # hosts anti-adware / pups127.0.0.1 gagner-facile.net # hosts anti-adware / pups127.0.0.1 gagner-rapidemen.ifrance.com # hosts anti-adware / pups127.0.0.1 gagner-rapidement.ifrance.com # hosts anti-adware / pups127.0.0.1 gains-complementaires.com # hosts anti-adware / pups127.0.0.1 gamedue.fr # hosts anti-adware / pups127.0.0.1 gamepoluss.eu # hosts anti-adware / pups127.0.0.1 gamesxite.com # hosts anti-adware / pups127.0.0.1 ganerecker.com # hosts anti-adware / pups127.0.0.1 gapokga.com # hosts anti-adware / pups127.0.0.1 gask.samo-project.com # hosts anti-adware / pups127.0.0.1 gefendok.org # hosts anti-adware / pups127.0.0.1 getfreemediaonline.com # hosts anti-adware / pups127.0.0.1 gilikesex.com # hosts anti-adware / pups127.0.0.1 gimp.soft32.fr # hosts anti-adware / pups127.0.0.1 ging8.com # hosts anti-adware / pups127.0.0.1 ginyas.com # hosts anti-adware / pups127.0.0.1 girllikesex.com # hosts anti-adware / pups127.0.0.1 giuna.info # hosts anti-adware / pups127.0.0.1 glamorousgirl.net # hosts anti-adware / pups127.0.0.1 glamorous-girls-models.net # hosts anti-adware / pups127.0.0.1 glamorous-girls.net # hosts anti-adware / pups127.0.0.1 glamorous-model.com # hosts anti-adware / pups127.0.0.1 glamorousmodelsgirl.net # hosts anti-adware / pups127.0.0.1 glamorous-models-girls.com # hosts anti-adware / pups127.0.0.1 gogo20.cusi.fr # hosts anti-adware / pups127.0.0.1 go.goforfiles.com # hosts anti-adware / pups127.0.0.1 goldaa.com # hosts anti-adware / pups127.0.0.1 gooofu.com # hosts anti-adware / pups127.0.0.1 go.tvnoop.com # hosts anti-adware / pups127.0.0.1 gratisporno69.info # hosts anti-adware / pups127.0.0.1 greattubeporn.com # hosts anti-adware / pups127.0.0.1 gudfaj.info # hosts anti-adware / pups127.0.0.1 h4r3.hopto.org # hosts anti-adware / pups127.0.0.1 hit.afficholder.com # hosts anti-adware / pups127.0.0.1 hit-sex.com # hosts anti-adware / pups127.0.0.1 hit-sex.com # hosts anti-adware / pups127.0.0.1 homemadempegs.com # hosts anti-adware / pups127.0.0.1 homevideonews.biz # hosts anti-adware / pups127.0.0.1 hotandfreeporno.net # hosts anti-adware / pups127.0.0.1 hotporngirls.com # hosts anti-adware / pups127.0.0.1 hotporngis.com # hosts anti-adware / pups127.0.0.1 hotxxx-gi.com # hosts anti-adware / pups127.0.0.1 hotxxx-girl.com # hosts anti-adware / pups127.0.0.1 hpm.tbm-ntwk.com # hosts anti-adware / pups127.0.0.1 http://www.telecharger.org # hosts anti-adware / pups127.0.0.1 icargent.com # hosts anti-adware / pups127.0.0.1 ic.illyx.com # hosts anti-adware / pups127.0.0.1 ie.conduit-download.com # hosts anti-adware / pups127.0.0.1 ie.dealply.com # hosts anti-adware / pups127.0.0.1 igvau.fr # hosts anti-adware / pups127.0.0.1 imesh.com # hosts anti-adware / pups127.0.0.1 img.planetsappho.net # hosts anti-adware / pups127.0.0.1 imvux.com # hosts anti-adware / pups127.0.0.1 index.myftp.org # hosts anti-adware / pups127.0.0.1 insta2.optimum-installer.com # hosts anti-adware / pups127.0.0.1 insta.blamcity.com # hosts anti-adware / pups127.0.0.1 instaer.betterinstaller.com # hosts anti-adware / pups127.0.0.1 instaer.filebulldog.com # hosts anti-adware / pups127.0.0.1 insta.iminent.com # hosts anti-adware / pups127.0.0.1 installer.betterinstaller.com # hosts anti-adware / pups127.0.0.1 installer.filebulldog.com # hosts anti-adware / pups127.0.0.1 installertechcontent.com # hosts anti-adware / pups127.0.0.1 install.outbrowse.com # hosts anti-adware / pups127.0.0.1 insta.optimum-installer.com # hosts anti-adware / pups127.0.0.1 insta.optimuminstaller.com # hosts anti-adware / pups127.0.0.1 institut-dulac.com # hosts anti-adware / pups127.0.0.1 interdescargas.com # hosts anti-adware / pups127.0.0.1 iogiciel.com # hosts anti-adware / pups127.0.0.1 ip.freepiv.net # hosts anti-adware / pups127.0.0.1 iyx.co # hosts anti-adware / pups127.0.0.1 jdownloader.org # hosts anti-adware / pups127.0.0.1 jeboost.com # hosts anti-adware / pups127.0.0.1 je-mange-et-je-maigris.com # hosts anti-adware / pups127.0.0.1 jlyxe.changeip.name # hosts anti-adware / pups127.0.0.1 jscontent.com # hosts anti-adware / pups127.0.0.1 jshref.com # hosts anti-adware / pups127.0.0.1 jsmeta.com # hosts anti-adware / pups127.0.0.1 kiyure.com # hosts anti-adware / pups127.0.0.1 koyotstar.free.fr # hosts anti-adware / pups127.0.0.1 krupse.info # hosts anti-adware / pups127.0.0.1 kuyqen.info # hosts anti-adware / pups127.0.0.1 landing.etype.com # hosts anti-adware / pups127.0.0.1 lcstatx.dallasdroidapps.com # hosts anti-adware / pups127.0.0.1 lecoindesinsiders.com # hosts anti-adware / pups127.0.0.1 le-dire.tv # hosts anti-adware / pups127.0.0.1 lerwik.info # hosts anti-adware / pups127.0.0.1 lesexgir.com # hosts anti-adware / pups127.0.0.1 lestutoriels-enarchives.com # hosts anti-adware / pups127.0.0.1 lesvirus.fr # hosts anti-adware / pups127.0.0.1 linkfixerplus.com # hosts anti-adware / pups127.0.0.1 linkmeee.com # hosts anti-adware / pups127.0.0.1 lishros.info # hosts anti-adware / pups127.0.0.1 live-casino-online.org # hosts anti-adware / pups127.0.0.1 live-sex-x.com # hosts anti-adware / pups127.0.0.1 load.keygendb.net # hosts anti-adware / pups127.0.0.1 load.scanscout.com # hosts anti-adware / pups127.0.0.1 logi-secure.eu # hosts anti-adware / pups127.0.0.1 lollipoporno.org # hosts anti-adware / pups127.0.0.1 lp.ick2saveapp.com # hosts anti-adware / pups127.0.0.1 lp.ilivid.com # hosts anti-adware / pups127.0.0.1 lp.imesh.com # hosts anti-adware / pups127.0.0.1 lp.sweetim.com # hosts anti-adware / pups127.0.0.1 lp.torchbrowser.com # hosts anti-adware / pups127.0.0.1 lsdgroupg.com # hosts anti-adware / pups127.0.0.1 luda9wmsiteza.eu # hosts anti-adware / pups127.0.0.1 lunarnewyearhouston.com # hosts anti-adware / pups127.0.0.1 lyotir.info # hosts anti-adware / pups127.0.0.1 maosvonring.net # hosts anti-adware / pups127.0.0.1 maprado.com # hosts anti-adware / pups127.0.0.1 mariavoyance.com # hosts anti-adware / pups127.0.0.1 mariins.com # hosts anti-adware / pups127.0.0.1 matureagent.com # hosts anti-adware / pups127.0.0.1 matureboytubes.com # hosts anti-adware / pups127.0.0.1 maturepornxtube.com # hosts anti-adware / pups127.0.0.1 max-adult-tube.com # hosts anti-adware / pups127.0.0.1 max-adu-tube.com # hosts anti-adware / pups127.0.0.1 media-app.com # hosts anti-adware / pups127.0.0.1 media.comesvita.com.es # hosts anti-adware / pups127.0.0.1 mediaplayer-codecpack.com # hosts anti-adware / pups127.0.0.1 media-player-helper.com # hosts anti-adware / pups127.0.0.1 media.pussycash.com # hosts anti-adware / pups127.0.0.1 medicumnnova.eu # hosts anti-adware / pups127.0.0.1 medvenerologsz.eu # hosts anti-adware / pups127.0.0.1 meetandlovesz.eu # hosts anti-adware / pups127.0.0.1 mega-cool-bonus.org # hosts anti-adware / pups127.0.0.1 megoads.eu # hosts anti-adware / pups127.0.0.1 messenger.descargar.es # hosts anti-adware / pups127.0.0.1 methode-cash.com # hosts anti-adware / pups127.0.0.1 methodegagnante.com # hosts anti-adware / pups127.0.0.1 mfd.malavida.com # hosts anti-adware / pups127.0.0.1 mflashplayer.com # hosts anti-adware / pups127.0.0.1 mfzplecp.changeip.name # hosts anti-adware / pups127.0.0.1 milfscunt.com # hosts anti-adware / pups127.0.0.1 mires.eorezo.com # hosts anti-adware / pups127.0.0.1 mirfr.eorezo.com # hosts anti-adware / pups127.0.0.1 mn.babcdn.com # hosts anti-adware / pups127.0.0.1 moneywin24.biz # hosts anti-adware / pups127.0.0.1 monij.info # hosts anti-adware / pups127.0.0.1 muibar.me # hosts anti-adware / pups127.0.0.1 mysexpalace.com # hosts anti-adware / pups127.0.0.1 need4video.com # hosts anti-adware / pups127.0.0.1 neo-bux.fr # hosts anti-adware / pups127.0.0.1 new-2011.net # hosts anti-adware / pups127.0.0.1 new-2012.net # hosts anti-adware / pups127.0.0.1 new-club-casino.org # hosts anti-adware / pups127.0.0.1 newt7.aduadworld.com # hosts anti-adware / pups127.0.0.1 new-windows7.com # hosts anti-adware / pups127.0.0.1 nocghnr.changeip.org # hosts anti-adware / pups127.0.0.1 nomeraodessas.eu # hosts anti-adware / pups127.0.0.1 nopebivernmss.eu # hosts anti-adware / pups127.0.0.1 noproblemss.eu # hosts anti-adware / pups127.0.0.1 nude-passion.com # hosts anti-adware / pups127.0.0.1 obdurp.info # hosts anti-adware / pups127.0.0.1 offagnopz.changeip.name # hosts anti-adware / pups127.0.0.1 offers.avazuscd.net # hosts anti-adware / pups127.0.0.1 offre-surprise.com # hosts anti-adware / pups127.0.0.1 ogpal.com # hosts anti-adware / pups127.0.0.1 ojan-killer.net # hosts anti-adware / pups127.0.0.1 onedownloadspot.com # hosts anti-adware / pups127.0.0.1 opalki.info # hosts anti-adware / pups127.0.0.1 opasi.com # hosts anti-adware / pups127.0.0.1 osbasedreceiva.pl # hosts anti-adware / pups127.0.0.1 os.coolvideoconverter.com # hosts anti-adware / pups127.0.0.1 oud4pc.com # hosts anti-adware / pups127.0.0.1 out.popads.net # hosts anti-adware / pups127.0.0.1 pageerror-download.com # hosts anti-adware / pups127.0.0.1 pair.homecomputerrepair.ca # hosts anti-adware / pups127.0.0.1 pcpitstop.com # hosts anti-adware / pups127.0.0.1 pctuto.com # hosts anti-adware / pups127.0.0.1 pdf-reader-eator.com # hosts anti-adware / pups127.0.0.1 phprocket.net # hosts anti-adware / pups127.0.0.1 phytolabel.com # hosts anti-adware / pups127.0.0.1 phytolabel.fr # hosts anti-adware / pups127.0.0.1 pikkolorgy.org # hosts anti-adware / pups127.0.0.1 pio-data2.info # hosts anti-adware / pups127.0.0.1 planscools.fr # hosts anti-adware / pups127.0.0.1 playgil.org # hosts anti-adware / pups127.0.0.1 plugnrex.info # hosts anti-adware / pups127.0.0.1 plusrichedemain.fr # hosts anti-adware / pups127.0.0.1 pnads.com # hosts anti-adware / pups127.0.0.1 pognonfacile.com # hosts anti-adware / pups127.0.0.1 p.online-hd.tv # hosts anti-adware / pups127.0.0.1 popander.mobi # hosts anti-adware / pups127.0.0.1 pornoinpark.net # hosts anti-adware / pups127.0.0.1 pornoow.com # hosts anti-adware / pups127.0.0.1 pornotube.grangnp.com # hosts anti-adware / pups127.0.0.1 promoution231.ru # hosts anti-adware / pups127.0.0.1 promo.vador.com # hosts anti-adware / pups127.0.0.1 proteorlb-1556088852.us-east-1.elb.amazonaws.com # hosts anti-adware / pups127.0.0.1 pu.plugrush.com # hosts anti-adware / pups127.0.0.1 purebot2.sytes.net # hosts anti-adware / pups127.0.0.1 push.ping.com # hosts anti-adware / pups127.0.0.1 puto.com # hosts anti-adware / pups127.0.0.1 qiweol.info # hosts anti-adware / pups127.0.0.1 quad-anti-spyware.com # hosts anti-adware / pups127.0.0.1 quad-eaner.com # hosts anti-adware / pups127.0.0.1 quadriviuma.eu # hosts anti-adware / pups127.0.0.1 qualityhqporn.com # hosts anti-adware / pups127.0.0.1 quegeek.com # hosts anti-adware / pups127.0.0.1 qumxav.changeip.name # hosts anti-adware / pups127.0.0.1 qwe.goforfiles.com # hosts anti-adware / pups127.0.0.1 real-boardsz.eu # hosts anti-adware / pups127.0.0.1 real-cenesz.eu # hosts anti-adware / pups127.0.0.1 real-centresz.eu # hosts anti-adware / pups127.0.0.1 redir.ballysbs.com # hosts anti-adware / pups127.0.0.1 redirect.ad-feeds.net # hosts anti-adware / pups127.0.0.1 reedomparty.com # hosts anti-adware / pups127.0.0.1 reedompay.com # hosts anti-adware / pups127.0.0.1 regarder-tv.com # hosts anti-adware / pups127.0.0.1 regisybooster2010.fr # hosts anti-adware / pups127.0.0.1 regisyonwindows.com # hosts anti-adware / pups127.0.0.1 regisywinner.com # hosts anti-adware / pups127.0.0.1 reimage.com # hosts anti-adware / pups127.0.0.1 repair-my-pc.info # hosts anti-adware / pups127.0.0.1 repair-pc-eors.info # hosts anti-adware / pups127.0.0.1 repare-internet-explorer.com # hosts anti-adware / pups127.0.0.1 reparer-windowsvista.com # hosts anti-adware / pups127.0.0.1 reparer-windowsxp.com # hosts anti-adware / pups127.0.0.1 reparez-internet-explorer.com # hosts anti-adware / pups127.0.0.1 reparez-windows.com # hosts anti-adware / pups127.0.0.1 reparez-windows.info # hosts anti-adware / pups127.0.0.1 reparez-windows-vista.com # hosts anti-adware / pups127.0.0.1 reparez-windows-xp.com # hosts anti-adware / pups127.0.0.1 rester-anquile.com # hosts anti-adware / pups127.0.0.1 reussiteaffiliation.com # hosts anti-adware / pups127.0.0.1 rezinovsap.co.cc # hosts anti-adware / pups127.0.0.1 rezinovsap.co. # hosts anti-adware / pups127.0.0.1 ron.protectorwide.asia # hosts anti-adware / pups127.0.0.1 rpc.hitexchangeserver.com # hosts anti-adware / pups127.0.0.1 rp.funmoodscdn.com # hosts anti-adware / pups127.0.0.1 rp.telechargercdn.com # hosts anti-adware / pups127.0.0.1 rztube.com # hosts anti-adware / pups127.0.0.1 s58036.gridserver.com # hosts anti-adware / pups127.0.0.1 samcro.fr # hosts anti-adware / pups127.0.0.1 satch2cash.com # hosts anti-adware / pups127.0.0.1 scache.regiedepub.com # hosts anti-adware / pups127.0.0.1 scriptsname.com # hosts anti-adware / pups127.0.0.1 sdgsdgsdg.at.tf # hosts anti-adware / pups127.0.0.1 search.babylon.com # hosts anti-adware / pups127.0.0.1 searchqu.com # hosts anti-adware / pups127.0.0.1 sec-france.info # hosts anti-adware / pups127.0.0.1 securelinkdownload.com # hosts anti-adware / pups127.0.0.1 securisedownload.com # hosts anti-adware / pups127.0.0.1 seet-internet.com # hosts anti-adware / pups127.0.0.1 semsols123.comodo.revenuewire.net # hosts anti-adware / pups127.0.0.1 semsols123.comodo.safeca.com # hosts anti-adware / pups127.0.0.1 servicemap.conduit-services.com # hosts anti-adware / pups127.0.0.1 service.yontoo.com # hosts anti-adware / pups127.0.0.1 serw2.chujon.info # hosts anti-adware / pups127.0.0.1 serw.icksor.com # hosts anti-adware / pups127.0.0.1 serw.lunjli.info # hosts anti-adware / pups127.0.0.1 serw.schworis.com # hosts anti-adware / pups127.0.0.1 setup2.iminent.com # hosts anti-adware / pups127.0.0.1 sexanaltube.com # hosts anti-adware / pups127.0.0.1 sex-here.com # hosts anti-adware / pups127.0.0.1 sex-lites.com # hosts anti-adware / pups127.0.0.1 sexopartynow.biz # hosts anti-adware / pups127.0.0.1 sexsweetie.com # hosts anti-adware / pups127.0.0.1 sexvamnet.com # hosts anti-adware / pups127.0.0.1 sexvideofile.com # hosts anti-adware / pups127.0.0.1 sexvideomix.biz # hosts anti-adware / pups127.0.0.1 sexwetgirls.com # hosts anti-adware / pups127.0.0.1 sexwetgis.com # hosts anti-adware / pups127.0.0.1 sexwu.com # hosts anti-adware / pups127.0.0.1 sexycats18yearme.com # hosts anti-adware / pups127.0.0.1 sexysatan.com # hosts anti-adware / pups127.0.0.1 sexywally.com # hosts anti-adware / pups127.0.0.1 sexyway.com # hosts anti-adware / pups127.0.0.1 siterusza.eu # hosts anti-adware / pups127.0.0.1 skype.telecharger-france.com # hosts anti-adware / pups127.0.0.1 slotonlinecasino.org # hosts anti-adware / pups127.0.0.1 sms-rostovs.eu # hosts anti-adware / pups127.0.0.1 socialmediahelpme.info # hosts anti-adware / pups127.0.0.1 soft-2011.com # hosts anti-adware / pups127.0.0.1 soft2pcfr.com # hosts anti-adware / pups127.0.0.1 soft4click.com # hosts anti-adware / pups127.0.0.1 soft.foxtab.com # hosts anti-adware / pups127.0.0.1 softgratuit.com # hosts anti-adware / pups127.0.0.1 softigloo.com # hosts anti-adware / pups127.0.0.1 softingo.com # hosts anti-adware / pups127.0.0.1 softmor.org # hosts anti-adware / pups127.0.0.1 soft.tc # hosts anti-adware / pups127.0.0.1 soft.telecharger.com # hosts anti-adware / pups127.0.0.1 software.cdnredire01.info # hosts anti-adware / pups127.0.0.1 softwareprovisioning.com # hosts anti-adware / pups127.0.0.1 softwares.the-ad.net # hosts anti-adware / pups127.0.0.1 software.the-ad.net # hosts anti-adware / pups127.0.0.1 solutionsmiions.com # hosts anti-adware / pups127.0.0.1 sondages-remuneres.net # hosts anti-adware / pups127.0.0.1 spamfighter.com # hosts anti-adware / pups127.0.0.1 speedmaxpc.com # hosts anti-adware / pups127.0.0.1 spoau.com # hosts anti-adware / pups127.0.0.1 spybotseah-full.info # hosts anti-adware / pups127.0.0.1 spynomore.com # hosts anti-adware / pups127.0.0.1 spywareremove.com # hosts anti-adware / pups127.0.0.1 static.bicdn.com # hosts anti-adware / pups127.0.0.1 static.v2.madodls.com # hosts anti-adware / pups127.0.0.1 step.yourfiledownloader.com # hosts anti-adware / pups127.0.0.1 storage.conduit.com # hosts anti-adware / pups127.0.0.1 storagenl.info # hosts anti-adware / pups127.0.0.1 stp.babylon.com # hosts anti-adware / pups127.0.0.1 stream-actu.com # hosts anti-adware / pups127.0.0.1 streaming-direct.tv # hosts anti-adware / pups127.0.0.1 streaming-vlc.com # hosts anti-adware / pups127.0.0.1 suesliberte.net # hosts anti-adware / pups127.0.0.1 suppo0070.homelinux.com # hosts anti-adware / pups127.0.0.1 suppo211.dnsalias.com # hosts anti-adware / pups127.0.0.1 suppo533333.homelinux.net # hosts anti-adware / pups127.0.0.1 suppo8881.homelinux.com # hosts anti-adware / pups127.0.0.1 support0070.homelinux.com # hosts anti-adware / pups127.0.0.1 support211.dnsalias.com # hosts anti-adware / pups127.0.0.1 support533333.homelinux.net # hosts anti-adware / pups127.0.0.1 support8881.homelinux.com # hosts anti-adware / pups127.0.0.1 supprimeevirus.blogspot.com # hosts anti-adware / pups127.0.0.1 supprimeevirus.blogspot.fr # hosts anti-adware / pups127.0.0.1 supprimer-spyware.com # hosts anti-adware / pups127.0.0.1 sweethoneysexbaby.com # hosts anti-adware / pups127.0.0.1 swetkittyxxx.biz # hosts anti-adware / pups127.0.0.1 sybiedejanville.com # hosts anti-adware / pups127.0.0.1 tarhankyte.info # hosts anti-adware / pups127.0.0.1 telecharger-0.driverutilities.com # hosts anti-adware / pups127.0.0.1 telecharger-2012.com # hosts anti-adware / pups127.0.0.1 telecharger-gratuit.com # hosts anti-adware / pups127.0.0.1 telecharger.logiciel.net # hosts anti-adware / pups127.0.0.1 tele-charger.org # hosts anti-adware / pups127.0.0.1 telecharger.toggle.com # hosts anti-adware / pups127.0.0.1 test.auvixa.com # hosts anti-adware / pups127.0.0.1 test.rooferslongislandroofing.com # hosts anti-adware / pups127.0.0.1 the0606.com # hosts anti-adware / pups127.0.0.1 thebestonlinecasino.org # hosts anti-adware / pups127.0.0.1 theparadiseisland.net # hosts anti-adware / pups127.0.0.1 tioblipla.com # hosts anti-adware / pups127.0.0.1 todownloadcdn.com # hosts anti-adware / pups127.0.0.1 top-2011.com # hosts anti-adware / pups127.0.0.1 top-2012.com # hosts anti-adware / pups127.0.0.1 top-regisy-cleaner.net # hosts anti-adware / pups127.0.0.1 totaediaconverter-u.com # hosts anti-adware / pups127.0.0.1 totalmediaconverter-u.com # hosts anti-adware / pups127.0.0.1 totalmediaconverter-u.com # hosts anti-adware / pups127.0.0.1 trackstatsnow.com # hosts anti-adware / pups127.0.0.1 tradeartss.eu # hosts anti-adware / pups127.0.0.1 trafficadward.homelinux.com # hosts anti-adware / pups127.0.0.1 truitow.info # hosts anti-adware / pups127.0.0.1 tube4free.zorfu.com # hosts anti-adware / pups127.0.0.1 tuheyds.changeip.name # hosts anti-adware / pups127.0.0.1 tuto4pc.com # hosts anti-adware / pups127.0.0.1 tutoriales100.com # hosts anti-adware / pups127.0.0.1 tv-dire.fr # hosts anti-adware / pups127.0.0.1 tviexpress-france.com # hosts anti-adware / pups127.0.0.1 tvuzz.com # hosts anti-adware / pups127.0.0.1 tweaks-soft.com # hosts anti-adware / pups127.0.0.1 ub-positif.com # hosts anti-adware / pups127.0.0.1 ude.conduit-data.com # hosts anti-adware / pups127.0.0.1 uitow.info # hosts anti-adware / pups127.0.0.1 uniblue.com # hosts anti-adware / pups127.0.0.1 universal-downloader.en.softonic.com # hosts anti-adware / pups127.0.0.1 universal-downloader.softonic.fr # hosts anti-adware / pups127.0.0.1 up.lollipop-network.com # hosts anti-adware / pups127.0.0.1 uprsimy.changeip.org # hosts anti-adware / pups127.0.0.1 usage.toolbar.conduit-services.com # hosts anti-adware / pups127.0.0.1 us.mambasextube.com # hosts anti-adware / pups127.0.0.1 us-vegascasino.org # hosts anti-adware / pups127.0.0.1 utoent-net.info # hosts anti-adware / pups127.0.0.1 utorrent.portalux.com # hosts anti-adware / pups127.0.0.1 uwjem.info # hosts anti-adware / pups127.0.0.1 vatsonandson.uk.to # hosts anti-adware / pups127.0.0.1 vechernieb.co.cc # hosts anti-adware / pups127.0.0.1 vechernieb.co. # hosts anti-adware / pups127.0.0.1 version.etype.com # hosts anti-adware / pups127.0.0.1 viccpm03.victoryproads.com # hosts anti-adware / pups127.0.0.1 viccpm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 viccpm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 videodirectory9.info # hosts anti-adware / pups127.0.0.1 videodownloadconveer.com # hosts anti-adware / pups127.0.0.1 videofer.us # hosts anti-adware / pups127.0.0.1 vipm03.victoryproads.com # hosts anti-adware / pups127.0.0.1 vipm08.victoryproads.com # hosts anti-adware / pups127.0.0.1 virbanks.com # hosts anti-adware / pups127.0.0.1 visicommedia.com # hosts anti-adware / pups127.0.0.1 vistacodec-2010.com # hosts anti-adware / pups127.0.0.1 vizihq.info # hosts anti-adware / pups127.0.0.1 vlc.load4free.net # hosts anti-adware / pups127.0.0.1 voe-travail-a-domicile.com # hosts anti-adware / pups127.0.0.1 vos-revenus-sur-internet.com # hosts anti-adware / pups127.0.0.1 vsharetv.ouoolbar.com # hosts anti-adware / pups127.0.0.1 wa2go.com # hosts anti-adware / pups127.0.0.1 want.suck-my-candy.com # hosts anti-adware / pups127.0.0.1 webplayerddl.com # hosts anti-adware / pups127.0.0.1 webplayer.tv # hosts anti-adware / pups127.0.0.1 wefightbadware.org # hosts anti-adware / pups127.0.0.1 westopmalware.org # hosts anti-adware / pups127.0.0.1 widgets.wizebar.com # hosts anti-adware / pups127.0.0.1 wildmedianetwork.com # hosts anti-adware / pups127.0.0.1 win1.winsprodco.info # hosts anti-adware / pups127.0.0.1 wincr1.winsprodco.info # hosts anti-adware / pups127.0.0.1 winpoal.fr # hosts anti-adware / pups127.0.0.1 winskeat.fr # hosts anti-adware / pups127.0.0.1 winzip-fu.net # hosts anti-adware / pups127.0.0.1 wiseconve.com # hosts anti-adware / pups127.0.0.1 wiseconvert15.greattoolbars.com # hosts anti-adware / pups127.0.0.1 wiseconvert.com # hosts anti-adware / pups127.0.0.1 wlroxe.changeip.name # hosts anti-adware / pups127.0.0.1 wtseleions.com # hosts anti-adware / pups127.0.0.1 www.01-telecharger.com # hosts anti-adware / pups127.0.0.1 www.123mplayer.com # hosts anti-adware / pups127.0.0.1 www.2012-plus.org # hosts anti-adware / pups127.0.0.1 www.2607.cn # hosts anti-adware / pups127.0.0.1 www2l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.2-spyware.com # hosts anti-adware / pups127.0.0.1 www3l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.411-spyware.com # hosts anti-adware / pups127.0.0.1 www4l.incredimail.com # hosts anti-adware / pups127.0.0.1 www5l.incredimail.com # hosts anti-adware / pups127.0.0.1 www.80worldnewstoday.info # hosts anti-adware / pups127.0.0.1 www.ackdlstat.com # hosts anti-adware / pups127.0.0.1 www.ackinn.com # hosts anti-adware / pups127.0.0.1 www.acksguru.com # hosts anti-adware / pups127.0.0.1 www.affiliation-france.com # hosts anti-adware / pups127.0.0.1 www.affpx.com # hosts anti-adware / pups127.0.0.1 www.agence-exusive.com # hosts anti-adware / pups127.0.0.1 www.alcoporn.com # hosts anti-adware / pups127.0.0.1 www.alterporn.com # hosts anti-adware / pups127.0.0.1 www.americanpendulum.com # hosts anti-adware / pups127.0.0.1 www.amonetizeinstaller.com # hosts anti-adware / pups127.0.0.1 www.anti-spyware-101.com # hosts anti-adware / pups127.0.0.1 www.anvisoft.com # hosts anti-adware / pups127.0.0.1 www.aoporn.com # hosts anti-adware / pups127.0.0.1 www.appround.biz # hosts anti-adware / pups127.0.0.1 www.appround.net # hosts anti-adware / pups127.0.0.1 www.asoftwareplus.com # hosts anti-adware / pups127.0.0.1 www.assure-le.com # hosts anti-adware / pups127.0.0.1 www.babesandgirls.com # hosts anti-adware / pups127.0.0.1 www.babylon.com # hosts anti-adware / pups127.0.0.1 www.bigspeedpro.com # hosts anti-adware / pups127.0.0.1 www.bioartmed.com # hosts anti-adware / pups127.0.0.1 www.bit89.com # hosts anti-adware / pups127.0.0.1 www.bit-mania.com # hosts anti-adware / pups127.0.0.1 www.boxore.com # hosts anti-adware / pups127.0.0.1 www.byteseeder.com # hosts anti-adware / pups127.0.0.1 www.chehe.us # hosts anti-adware / pups127.0.0.1 www.cloud4widget.com # hosts anti-adware / pups127.0.0.1 www.cojan13fast.com # hosts anti-adware / pups127.0.0.1 www.cool-applications.com # hosts anti-adware / pups127.0.0.1 www.coupon-miner.com # hosts anti-adware / pups127.0.0.1 www.createstockdoingzero.biz # hosts anti-adware / pups127.0.0.1 www.cyberfitex.com # hosts anti-adware / pups127.0.0.1 www.danager.net # hosts anti-adware / pups127.0.0.1 www.dataatimeast.com # hosts anti-adware / pups127.0.0.1 www.deletevirus.net # hosts anti-adware / pups127.0.0.1 www.dlsafebrowse.com # hosts anti-adware / pups127.0.0.1 www.dmralumni.com # hosts anti-adware / pups127.0.0.1 www.downlesoft.com # hosts anti-adware / pups127.0.0.1 www.download-best-softwares.com # hosts anti-adware / pups127.0.0.1 www.download-free.com # hosts anti-adware / pups127.0.0.1 www.downloadsoftfr.com # hosts anti-adware / pups127.0.0.1 www.downxsoft.com # hosts anti-adware / pups127.0.0.1 www.downxsoft.com # hosts anti-adware / pups127.0.0.1 www.drawingincests.com # hosts anti-adware / pups127.0.0.1 www.eanallvirus.com # hosts anti-adware / pups127.0.0.1 www.easycuisinevideo.com # hosts anti-adware / pups127.0.0.1 www.easy-money-making-idea.info # hosts anti-adware / pups127.0.0.1 www.e-downloader.net # hosts anti-adware / pups127.0.0.1 www.enigmasoftware.com # hosts anti-adware / pups127.0.0.1 www.eorezo.com # hosts anti-adware / pups127.0.0.1 www.ericmok.ca # hosts anti-adware / pups127.0.0.1 www.eximdownloadmanager.com # hosts anti-adware / pups127.0.0.1 www.extreme-down.com # hosts anti-adware / pups127.0.0.1 www.extrimdownloadmanager.com # hosts anti-adware / pups127.0.0.1 www.fasterpleanclean.com # hosts anti-adware / pups127.0.0.1 www.fcgoatcalear.us # hosts anti-adware / pups127.0.0.1 www.fixie.com # hosts anti-adware / pups127.0.0.1 www.flash-player-france.com # hosts anti-adware / pups127.0.0.1 www.freeamateulub.org # hosts anti-adware / pups127.0.0.1 www.freeamateurclub.org # hosts anti-adware / pups127.0.0.1 www.freetadio.com # hosts anti-adware / pups127.0.0.1 www.frflashplayer.com # hosts anti-adware / pups127.0.0.1 www.getdatafromeast.com # hosts anti-adware / pups127.0.0.1 www.getyoursoft.com # hosts anti-adware / pups127.0.0.1 www.girlsfriendxxx.net # hosts anti-adware / pups127.0.0.1 www.gisfriendxxx.net # hosts anti-adware / pups127.0.0.1 www.globe7.com # hosts anti-adware / pups127.0.0.1 www.gogetmoneynow.com # hosts anti-adware / pups127.0.0.1 www.gpil.org # hosts anti-adware / pups127.0.0.1 www.grabatimstat.us # hosts anti-adware / pups127.0.0.1 www.grandwesternliquors.com # hosts anti-adware / pups127.0.0.1 www.gratuit-telecharger.com # hosts anti-adware / pups127.0.0.1 www.haycfld.us # hosts anti-adware / pups127.0.0.1 www.haycfld.us/htmlscreens # hosts anti-adware / pups127.0.0.1 www.herz-fuer-musik.de # hosts anti-adware / pups127.0.0.1 www.homepa.ge # hosts anti-adware / pups127.0.0.1 www.hubbywatcheswife.biz # hosts anti-adware / pups127.0.0.1 www.ilivid.com # hosts anti-adware / pups127.0.0.1 www.instatrk.com # hosts anti-adware / pups127.0.0.1 www.kerasos.co # hosts anti-adware / pups127.0.0.1 www.kerion.pt # hosts anti-adware / pups127.0.0.1 www.keygendb.com # hosts anti-adware / pups127.0.0.1 www.kiallvirus.com # hosts anti-adware / pups127.0.0.1 www.koyotesoft.com # hosts anti-adware / pups127.0.0.1 www.lavideobuzz.com # hosts anti-adware / pups127.0.0.1 www.livecamsxxxnow.com # hosts anti-adware / pups127.0.0.1 www.mature-vulva.org # hosts anti-adware / pups127.0.0.1 www.media-app.com # hosts anti-adware / pups127.0.0.1 www.messengerdusexe.com # hosts anti-adware / pups127.0.0.1 www.messyxxxtube.biz # hosts anti-adware / pups127.0.0.1 www.messyxxxtube.biz # hosts anti-adware / pups127.0.0.1 www.mickyfastdl.com # hosts anti-adware / pups127.0.0.1 www.milfbeach.net # hosts anti-adware / pups127.0.0.1 www.milkiwaytuber.com # hosts anti-adware / pups127.0.0.1 www.mljanthrunorth.us # hosts anti-adware / pups127.0.0.1 www.moviehuts.com # hosts anti-adware / pups127.0.0.1 www.moviewodsite.com # hosts anti-adware / pups127.0.0.1 www.mspyapps.com # hosts anti-adware / pups127.0.0.1 www.mspylogs.com # hosts anti-adware / pups127.0.0.1 www.mybestpenis.com # hosts anti-adware / pups127.0.0.1 www.mypussygirls.com # hosts anti-adware / pups127.0.0.1 www.mypussygis.com # hosts anti-adware / pups127.0.0.1 www.mysexysister.biz # hosts anti-adware / pups127.0.0.1 www.nbconsuing.nl # hosts anti-adware / pups127.0.0.1 www.nbconsulting.nl # hosts anti-adware / pups127.0.0.1 www.neoyersonpc.org # hosts anti-adware / pups127.0.0.1 www.nlstorage.info # hosts anti-adware / pups127.0.0.1 www.nouveau-avast.com # hosts anti-adware / pups127.0.0.1 www.officialvideoconverter.com # hosts anti-adware / pups127.0.0.1 www.oldmo.org # hosts anti-adware / pups127.0.0.1 www.openadserving.com # hosts anti-adware / pups127.0.0.1 www.piraterfacebook.ws # hosts anti-adware / pups127.0.0.1 www.pisk.com # hosts anti-adware / pups127.0.0.1 www.playerplus.com # hosts anti-adware / pups127.0.0.1 www.pornuv.net # hosts anti-adware / pups127.0.0.1 www.powerpackdl.com # hosts anti-adware / pups127.0.0.1 www.premiumdownload.org # hosts anti-adware / pups127.0.0.1 www.putlocker-downloader.com # hosts anti-adware / pups127.0.0.1 www.puto.com # hosts anti-adware / pups127.0.0.1 www.reallycoolapp.com # hosts anti-adware / pups127.0.0.1 www.realtinypussy.org # hosts anti-adware / pups127.0.0.1 www.rediremylink.com # hosts anti-adware / pups127.0.0.1 www.removeonline.com # hosts anti-adware / pups127.0.0.1 www.retrogamer.com # hosts anti-adware / pups127.0.0.1 www.sckarteast.us # hosts anti-adware / pups127.0.0.1 www.sendfilesapp.com # hosts anti-adware / pups127.0.0.1 www.sexoss.net # hosts anti-adware / pups127.0.0.1 www.silentpornotube.com # hosts anti-adware / pups127.0.0.1 www.smuss.net # hosts anti-adware / pups127.0.0.1 www.softesdown.com # hosts anti-adware / pups127.0.0.1 www.softologic.com # hosts anti-adware / pups127.0.0.1 www.softologicsc.com # hosts anti-adware / pups127.0.0.1 www.software-files.net # hosts anti-adware / pups127.0.0.1 www.softwaresbay.com # hosts anti-adware / pups127.0.0.1 www.speedypc.com # hosts anti-adware / pups127.0.0.1 www.sps-experten.de # hosts anti-adware / pups127.0.0.1 www.spywarehelpcenter.com # hosts anti-adware / pups127.0.0.1 www.spywarehelpcenter.com # hosts anti-adware / pups127.0.0.1 www.spywareremove.com # hosts anti-adware / pups127.0.0.1 www.streaminghds.com # hosts anti-adware / pups127.0.0.1 www.supprimer-spyware.org # hosts anti-adware / pups127.0.0.1 www.telecharger-facile.com # hosts anti-adware / pups127.0.0.1 www.telechargers.net # hosts anti-adware / pups127.0.0.1 www.thelivetech.com # hosts anti-adware / pups127.0.0.1 www.tiptopsoft.org # hosts anti-adware / pups127.0.0.1 www.toplugs.com # hosts anti-adware / pups127.0.0.1 www.tuto4pc.com # hosts anti-adware / pups127.0.0.1 www.uniblue.com # hosts anti-adware / pups127.0.0.1 www.videoconveertool.net # hosts anti-adware / pups127.0.0.1 www.videodownloadconverter.com # hosts anti-adware / pups127.0.0.1 www.videoipa.com # hosts anti-adware / pups127.0.0.1 www.videoplusmusic.com # hosts anti-adware / pups127.0.0.1 www.vioplayer.com # hosts anti-adware / pups127.0.0.1 www.viuagirl.com # hosts anti-adware / pups127.0.0.1 www.wajam.com # hosts anti-adware / pups127.0.0.1 www.wiki-security.com # hosts anti-adware / pups127.0.0.1 www.windownloader24.com # hosts anti-adware / pups127.0.0.1 www.winload.de # hosts anti-adware / pups127.0.0.1 www.winpoal.fr # hosts anti-adware / pups127.0.0.1 www.wisedownloads.com # hosts anti-adware / pups127.0.0.1 www.wslinx.com # hosts anti-adware / pups127.0.0.1 www.xlplayer.com # hosts anti-adware / pups127.0.0.1 xmlinsp.ddbbvt.eu # hosts anti-adware / pups127.0.0.1 xmlinstcp.ddbbvt.eu # hosts anti-adware / pups127.0.0.1 xxxgifan.com # hosts anti-adware / pups127.0.0.1 xxxgirlfan.com # hosts anti-adware / pups127.0.0.1 xxx-values.com # hosts anti-adware / pups127.0.0.1 youngporn.it # hosts anti-adware / pups127.0.0.1 youngporn.it # hosts anti-adware / pups127.0.0.1 yourfiledownloader.net # hosts anti-adware / pups127.0.0.1 youwatch.org # hosts anti-adware / pups127.0.0.1 yrueo.info # hosts anti-adware / pups127.0.0.1 zvswmqoh.changeip.name # hosts anti-adware / pupsADWcleaner scan# AdwCleaner v2.301 - Logfile created 05/23/2013 at 06:52:14# Updated 16/05/2013 by Xplode# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)# User : Chris - BOSS# Boot Mode : Normal# Running from : F:\Downloads\AdwCleaner.exe# Option [search]***** [services] ********** [Files / Folders] ********** [Registry] ********** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16576[OK] Registry is clean.-\\ Mozilla Firefox v21.0 (en-US)File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\prefs.js[OK] File is clean.-\\ Google Chrome v26.0.1410.64File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\PreferencesFound [l.2949] : urls_to_restore_on_startup = [ "hxxp://www.google.com", "hxxp://www.mystart.com/?pr=vmn&id=toolbarcleaner&v=1_1" ]*************************AdwCleaner[R1].txt - [2844 octets] - [21/05/2013 08:00:05]AdwCleaner[R2].txt - [1138 octets] - [21/05/2013 08:37:34]AdwCleaner[R3].txt - [1220 octets] - [22/05/2013 09:18:51]AdwCleaner[R4].txt - [1083 octets] - [23/05/2013 06:52:14]AdwCleaner[s1].txt - [2793 octets] - [21/05/2013 08:00:41]########## EOF - C:\AdwCleaner[R4].txt - [1203 octets] ##########ESET scanC:\del\mmCM ver 04.05.00 FULL (20120821)\apps_pc\aldo's tools\misc tools\install_ps3tools.exe probably unknown NewHeur_PE virus deleted - quarantinedC:\My Games\Alawar\Downloads\DiscordTimes_2509.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedC:\My Games\Alawar\Downloads\FashionSeason_2509.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedC:\Program Files (x86)\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantinedD:\Users\chris\Downloads\SetupImgBurn_2.5.5.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedD:\Users\chris\Dropbox\Programs\cpu-z_1.57-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedD:\Users\chris\Dropbox\Programs\eac-0.99pb5.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedD:\Users\chris\Dropbox\Programs\Top 30 Freeware programs\cdbxp_setup_4.3.5.2256.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedD:\Users\chris\Dropbox\Programs\Top 30 Freeware programs\Hirens.BootCD.10.4.zip Win32/PSWTool.KonBoot.A application deleted - quarantinedD:\Users\chris\Dropbox\Programs\Top 30 Freeware programs\kmp.exe multiple threats cleaned by deleting - quarantinedE:\Goginst\The Chronicles of Riddick - Assault on Dark Athena\System\Win32_x86\dvm.dll a variant of Win32/HackTool.Crack.D application cleaned by deleting - quarantinedF:\Downloads\cnet_JoyToKey_en_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantinedF:\Downloads\DriverSweeper_3.2.0.exe Win32/OpenCandy application cleaned by deleting - quarantinedF:\Downloads\duplicate-file-finder-setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\DuplicateCleaner_setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\Facemoods.exe a variant of Win32/SweetIM.B application cleaned by deleting - quarantinedF:\Downloads\LiGHTFORCE.rar a variant of MSIL/Kryptik.HU trojan deleted - quarantinedF:\Downloads\mmCM ver 04.05.00 FULL 20120821.rar.exe Win32/InstallMate application cleaned by deleting - quarantinedF:\Downloads\mmCM ver 04.05.00 FULL (20120821).rar probably unknown NewHeur_PE virus deleted - quarantinedF:\Downloads\Power_Data_Recovery.exe MSIL/Solimba application cleaned by deleting - quarantinedF:\Downloads\SetupImgBurn_2.5.5.0_001.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\SetupImgBurn_2.5.6.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\undeleteplus_setup_ask(1).exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\undeleteplus_setup_ask.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Downloads\VideoCutterSetup.exe multiple threats cleaned by deleting - quarantinedF:\Downloads\winamp5622_full_emusic-7plus_en-us.exe Win32/OpenCandy application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\cpu-z_1.57-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\DriverSweeper_3.2.0.exe Win32/OpenCandy application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\eac-0.99pb5.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\SetupImgBurn_2.5.5.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\Unlocker1[1].9.0-x64.exe Win32/Adware.ADON application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\Audiograbber\agsetup183se.exe a variant of Win32/Toolbar.Funmoods application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\Free Undelete\cbsidlm-cbsi4_1_4-Wise_Data_Recovery-75715872.exe a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\Top 30 Freeware programs\cdbxp_setup_4.3.5.2256.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantinedF:\Dropbox\Dropbox\Programs\Top 30 Freeware programs\Hirens.BootCD.10.4.zip Win32/PSWTool.KonBoot.A application deleted - quarantinedF:\Dropbox\Dropbox\Programs\Top 30 Freeware programs\kmp.exe multiple threats cleaned by deleting - quarantinedF:\process\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantinedF:\process\cdbxp_setup_4.5.0.3717.exe Win32/OpenCandy application cleaned by deleting - quarantinedF:\_kingston mem stick\progs\purplera1n.exe probably a variant of Win32/Agent.ENLPEUB trojan cleaned by deleting - quarantined Link to post Share on other sites More sharing options...
Maniac Posted May 25, 2013 ID:683528 Share Posted May 25, 2013 Download AVPTool from Here to your desktop Run the programme you have just downloaded to your desktop (it will be randomly named) Click the cog in the upper right Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan Allow AVP to delete all infections foundOnce it has finished select report tab (last tab)Select Detected threads report from the left and press Save buttonSave it to your desktop and post it in your next reply. Link to post Share on other sites More sharing options...
frozengamer Posted May 27, 2013 Author ID:684136 Share Posted May 27, 2013 Kaspersky crashed after 36 hours, nothing detected. I will rerun it. Link to post Share on other sites More sharing options...
Maniac Posted May 27, 2013 ID:684175 Share Posted May 27, 2013 Let me know how are things after that. Link to post Share on other sites More sharing options...
frozengamer Posted June 3, 2013 Author ID:686824 Share Posted June 3, 2013 After 2 or 3 days it crashed again, i haven't seen signs of detected viruses with kaspersky before the crash. Is there a log i can find even if it crashed? What step should i do next or should i do a reduced scan (i did one with all of the boxes you suggested checked with the exception of "My Computer" - no virus's detected and that included the C drive. Link to post Share on other sites More sharing options...
frozengamer Posted June 5, 2013 Author ID:687599 Share Posted June 5, 2013 Hello again Maniac,Thanks for your help so far. Here is a summary of where i am since i haven't seen a reply since May 27th - I am thinking of reformatting.There are currently no detections on any of the programs you have had me run however 2 of them have crashed (Kaspersky crashes after 2 days, but didn't crash when i unchecked "My computer" - It detects nothing when i have all checked as you suggested including C drive, but not "My computer". Also Roguekiller crashes on MBR scan. I am able to run roguekiller successfully with all but mbr scan. The only symptom i have of being hacked is that each time i reboot, it attempts to create a new hosts file (which it cannot because i have made the hosts file read only) - I can tell this by finding a hosts file in c:\windows\temp created upon reboot after being deleted. I do not know which process is making this file. Where shall i proceed now? ThanksChristian Link to post Share on other sites More sharing options...
frozengamer Posted June 5, 2013 Author ID:687600 Share Posted June 5, 2013 Here is a current Hijackthis scanLogfile of Trend Micro HijackThis v2.0.5Scan saved at 7:58:39 AM, on 6/5/2013Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v10.0 (10.00.9200.16576)FIREFOX: 21.0 (en-US)Boot mode: NormalRunning processes:C:\Program Files (x86)\Everything\Everything.exeC:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exeC:\Program Files (x86)\AnVir Task Manager\anvir.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\System32\PrintDisp.exeC:\Program Files (x86)\Rainlendar2\Rainlendar2.exeC:\Program Files (x86)\SuperCopier2\SuperCopier2.exeC:\Users\Chris\Local Settings\Apps\F.lux\flux.exeC:\hotkeyp\HotkeyP.exeC:\Program Files (x86)\Origin\Origin.exeI:\Steam\Steam.exeC:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exeC:\Program Files\CrashPlan\CrashPlanTray.exeC:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exeC:\Program Files (x86)\Secunia\PSI\psi_tray.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Windows\SSDriver\fi5110\SsWiaChecker.exeC:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeC:\Program Files (x86)\PDF24\pdf24.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\PROGRA~2\Raptr\raptr.exeC:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeC:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exeC:\PROGRA~2\Raptr\raptr_im.exeC:\Program Files (x86)\Desura\desura.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Users\Chris\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exeC:\Program Files (x86)\iTunes\iTunes.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exeF:\Downloads\HijackThis(2).exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllO2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /sO4 - HKLM\..\Run: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exeO4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exeO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeO4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exeO4 - HKCU\..\Run: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exeO4 - HKCU\..\Run: [F.lux] "C:\Users\Chris\Local Settings\Apps\F.lux\flux.exe" /noshowO4 - HKCU\..\Run: [HotkeyP] C:\hotkeyp\HotkeyP.exe 0O4 - HKCU\..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostartO4 - HKCU\..\Run: [GOG.com Downloader] C:\Program Files (x86)\GOG.com\GOG.com Downloader.exe -autostartO4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStartO4 - HKCU\..\Run: [steam] "I:\Steam\steam.exe" -silentO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startupO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: Dropbox.lnk = Chris\AppData\Roaming\Dropbox\bin\Dropbox.exeO4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeO4 - Global Startup: CardMinder Viewer.lnk = ?O4 - Global Startup: Conversion to PDF with ScanSnap Organizer.lnk = ?O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exeO4 - Global Startup: ScanSnap Manager.lnk = ?O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000O8 - Extra context menu item: LastPass - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=lastpassO8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=fillformsO8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlO8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dllO9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXEO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exeO23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exeO23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exeO23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exeO23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exeO23 - Service: TomTomHOMEService - TomTom - d:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 16951 bytes Link to post Share on other sites More sharing options...
frozengamer Posted June 5, 2013 Author ID:687612 Share Posted June 5, 2013 Here is the roguekiller crash - as you can see there are 4 detections in registry when it crashes on the MBR scan. Link to post Share on other sites More sharing options...
frozengamer Posted June 5, 2013 Author ID:687616 Share Posted June 5, 2013 Here is roguekiller report without the MBR ScanRogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Chris [Admin rights]Mode : Scan -- Date : 06/05/2013 08:52:29| ARK || FAK |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 4 ¤¤¤[services][ROGUE ST] HKLM\[...]\ControlSet001\Services\66687245 (C:\Windows\system32\DRIVERS\66687245.sys) -> FOUND[services][ROGUE ST] HKLM\[...]\ControlSet002\Services\66687245 (C:\Windows\system32\DRIVERS\66687245.sys) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ Extern Hives: ¤¤¤-> D:\windows\system32\config\SOFTWARE-> D:\windows\system32\config\SYSTEM-> D:\Users\chris\NTUSER.DAT-> D:\Users\Default\NTUSER.DAT-> D:\Users\Default User\NTUSER.DAT-> D:\Documents and Settings\Default\NTUSER.DAT-> D:\Documents and Settings\Default User\NTUSER.DAT¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤Finished : << RKreport[3]_S_06052013_02d0852.txt >>RKreport[1]_S_05222013_02d1343.txt ; RKreport[2]_S_05222013_02d1356.txt ; RKreport[3]_S_06052013_02d0852.txt Link to post Share on other sites More sharing options...
Maniac Posted June 5, 2013 ID:687698 Share Posted June 5, 2013 Download aswMBR.exe to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan On completion of the scan click save log, save it to your desktop and post in your next reply Link to post Share on other sites More sharing options...
frozengamer Posted June 6, 2013 Author ID:687747 Share Posted June 6, 2013 Log from aswMBR - i don't think i can attach MBR.DATaswMBR version 0.9.9.1771 Copyright© 2011 AVAST SoftwareRun date: 2013-06-05 17:17:11-----------------------------17:17:11.181 OS Version: Windows x64 6.1.7601 Service Pack 117:17:11.181 Number of processors: 4 586 0x2A0717:17:11.182 ComputerName: BOSS UserName:17:17:11.422 Initialize success17:17:20.186 AVAST engine defs: 1306050217:17:29.640 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port0Path0Target1Lun017:17:29.642 Disk 0 Vendor: ST3000DM CC24 Size: 2861588MB BusType: 1117:17:29.644 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\0000007717:17:29.645 Disk 1 Vendor: ATA_____ 0309 Size: 244198MB BusType: 1117:17:29.647 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000007817:17:29.649 Disk 2 Vendor: ATA_____ CC1J Size: 1430799MB BusType: 1117:17:29.651 Disk 3 \Device\Harddisk3\DR3 -> \Device\0000007917:17:29.652 Disk 3 Vendor: ATA_____ CC1H Size: 1430799MB BusType: 1117:17:29.655 Disk 4 \Device\Harddisk4\DR4 -> \Device\0000007a17:17:29.657 Disk 4 Vendor: ATA_____ CC1H Size: 1430799MB BusType: 1117:17:29.664 Disk 1 MBR read successfully17:17:29.667 Disk 1 MBR scan17:17:29.671 Disk 1 Windows 7 default MBR code17:17:29.674 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 204817:17:29.690 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 244097 MB offset 20684817:17:29.725 Disk 1 scanning C:\Windows\system32\drivers17:17:35.227 Service scanning17:17:54.485 Modules scanning17:17:54.489 Disk 1 trace - called modules:17:17:54.493 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys vsflt61.sys ACPI.sys storport.sys hal.dll iaStorA.sys17:17:54.496 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800fc1f060]17:17:54.499 3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> [0xfffffa800fb2ac50]17:17:54.502 5 iaStorF.sys[fffff88001fe4168] -> nt!IofCallDriver -> [0xfffffa800fb27920]17:17:54.505 7 vsflt61.sys[fffff88000fa80fd] -> nt!IofCallDriver -> [0xfffffa800fa1b040]17:17:54.508 9 ACPI.sys[fffff88000ef77a1] -> nt!IofCallDriver -> \Device\00000077[0xfffffa800ea194d0]17:17:54.708 AVAST engine scan C:\Windows17:17:55.689 AVAST engine scan C:\Windows\system3217:19:48.997 AVAST engine scan C:\Windows\system32\drivers17:19:55.373 AVAST engine scan C:\Users\Chris17:24:38.904 AVAST engine scan C:\ProgramData17:25:24.441 Scan finished successfully17:36:57.456 Disk 1 MBR has been saved successfully to "F:\Dropbox\Dropbox\spyware logs\MBR.dat"17:36:57.490 The log file has been saved successfully to "F:\Dropbox\Dropbox\spyware logs\aswMBR.txt" Link to post Share on other sites More sharing options...
frozengamer Posted June 6, 2013 Author ID:687749 Share Posted June 6, 2013 I found through the process of elimination using msconfig that the following service was causing the system to attempt to rewrite the host file, when i uncheck on msconfig services the hosts file changes are not attempted when the machine reboots .O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe.In addition i sent the 2 files in that folder to virustotal.com and tthese are the virus positives that it returned me -for hosts_anti-adware.exe Antivirus Result Update AVG Worm/Autoit.AZCH 20130604 Commtouch W32/Backdoor.BKTX-6301 20130604 Comodo UnclassifiedMalware 20130604 Ikarus Worm.Win32.AutoIt 20130604 McAfee Artemis!59538D76EA7D 20130604 McAfee-GW-Edition Artemis!59538D76EA7D 20130603 Norman Suspicious_Gen2.VJEQF 20130604 TrendMicro-HouseCall TROJ_GEN.RCBH1B1 20130604 VBA32 Trojan-Downloader.Autoit.gen 20130604 VIPRE Trojan.Win32.Generic!BT 20130604 For HOSTS_Anti-Adware_main.exe which i do not see loaded as a service but is in the same directory - AVG Worm/Autoit.AZCI 20130603 Commtouch W32/GenBl.C1DB9BDF!Olympus 20130603 Comodo UnclassifiedMalware 20130603 Ikarus Win32.SuspectCrc 20130603 McAfee Artemis!C1DB9BDF885C 20130603 McAfee-GW-Edition Artemis!C1DB9BDF885C 20130603 MicroWorld-eScan Win32.SuspectCrc (ES) 20130603 Norman BlacoleRef.Z 20130603 SUPERAntiSpyware 20130602 Symantec WS.Reputation.1 20130603 TheHacker 20130601 TotalDefense 20130603 TrendMicro 20130603 TrendMicro-HouseCall TROJ_GEN.R6AH1B9 20130603 VBA32 Trojan-Downloader.Autoit.gen 20130603 VIPRE 20130603 ViRobot 20130603 Link to post Share on other sites More sharing options...
Maniac Posted June 8, 2013 ID:688722 Share Posted June 8, 2013 Download OTL to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic. Link to post Share on other sites More sharing options...
frozengamer Posted June 9, 2013 Author ID:689018 Share Posted June 9, 2013 OTL.txt - 1 of 2 (too long)dTimer - Version 3.2.69.0 Folder = F:\Downloads64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.10.9200.16576)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy15.98 Gb Total Physical Memory | 9.36 Gb Available Physical Memory | 58.56% Memory free31.95 Gb Paging File | 27.03 Gb Available in Paging File | 84.60% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 238.38 Gb Total Space | 24.40 Gb Free Space | 10.24% Space Free | Partition Type: NTFSDrive D: | 1397.17 Gb Total Space | 1172.36 Gb Free Space | 83.91% Space Free | Partition Type: NTFSDrive E: | 1397.26 Gb Total Space | 896.92 Gb Free Space | 64.19% Space Free | Partition Type: NTFSDrive F: | 1397.26 Gb Total Space | 357.21 Gb Free Space | 25.57% Space Free | Partition Type: NTFSDrive H: | 100.00 Mb Total Space | 61.82 Mb Free Space | 61.82% Space Free | Partition Type: NTFSDrive I: | 2794.39 Gb Total Space | 29.08 Gb Free Space | 1.04% Space Free | Partition Type: NTFSDrive J: | 2794.51 Gb Total Space | 1605.90 Gb Free Space | 57.47% Space Free | Partition Type: NTFSDrive K: | 100.00 Mb Total Space | 61.86 Mb Free Space | 61.86% Space Free | Partition Type: NTFSDrive L: | 2794.51 Gb Total Space | 422.32 Gb Free Space | 15.11% Space Free | Partition Type: NTFSDrive M: | 2794.51 Gb Total Space | 2630.59 Gb Free Space | 94.13% Space Free | Partition Type: NTFSComputer Name: BOSS | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - File not found --PRC - [2013/06/08 16:15:58 | 000,540,784 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\OriginClientService.exePRC - [2013/06/08 16:15:57 | 003,456,080 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exePRC - [2013/06/08 13:36:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Downloads\OTL.exePRC - [2013/06/06 14:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- I:\Steam\Steam.exePRC - [2013/06/06 14:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exePRC - [2013/05/27 12:36:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exePRC - [2013/05/27 12:36:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exePRC - [2013/05/24 16:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exePRC - [2013/05/20 09:19:32 | 000,046,144 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exePRC - [2013/05/20 09:19:30 | 000,064,576 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exePRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2013/04/22 23:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exePRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exePRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exePRC - [2013/03/02 10:33:04 | 001,086,816 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exePRC - [2012/12/12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exePRC - [2012/11/28 16:10:08 | 000,661,304 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exePRC - [2012/09/01 19:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exePRC - [2012/09/01 19:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exePRC - [2012/07/25 00:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exePRC - [2012/07/25 00:46:42 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exePRC - [2012/07/25 00:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exePRC - [2012/03/23 19:16:00 | 000,131,912 | ---- | M] (Desura Pty Ltd) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exePRC - [2012/03/23 19:15:59 | 002,529,096 | ---- | M] (Desura Pty Ltd) -- C:\Program Files (x86)\Desura\desura.exePRC - [2012/03/14 03:04:52 | 006,041,192 | ---- | M] (AnVir Software) -- C:\Program Files (x86)\AnVir Task Manager\AnVir.exePRC - [2011/10/04 11:11:40 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exePRC - [2011/03/16 07:17:57 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exePRC - [2011/02/04 05:24:32 | 002,346,496 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\Rainlendar2.exePRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exePRC - [2009/08/28 22:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Chris\Local Settings\Apps\F.lux\flux.exePRC - [2009/08/16 11:36:06 | 000,955,392 | ---- | M] (SFX TEAM) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exePRC - [2009/03/12 17:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files (x86)\Everything\Everything.exePRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe========== Modules (No Company Name) ==========MOD - [2013/06/08 16:15:59 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dllMOD - [2013/06/06 14:06:24 | 001,114,536 | ---- | M] () -- I:\Steam\bin\chromehtml.dllMOD - [2013/05/15 03:11:54 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dllMOD - [2013/05/15 03:11:54 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dllMOD - [2013/05/15 03:11:53 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dllMOD - [2013/05/15 03:11:48 | 001,085,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\66cd1f52f3d80e02efa25c0fd795a278\System.ServiceModel.Web.ni.dllMOD - [2013/05/15 03:10:44 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dllMOD - [2013/05/15 03:10:42 | 018,080,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dllMOD - [2013/05/15 03:10:42 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dllMOD - [2013/05/15 03:10:21 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dllMOD - [2013/05/15 03:10:21 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dllMOD - [2013/05/15 03:03:15 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dllMOD - [2013/05/15 03:03:13 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dllMOD - [2013/05/15 03:03:08 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dllMOD - [2013/05/09 15:52:58 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dllMOD - [2013/05/09 15:52:58 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dllMOD - [2013/05/09 15:52:56 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dllMOD - [2013/05/06 17:05:20 | 000,654,848 | ---- | M] () -- I:\Steam\SDL2.dllMOD - [2013/05/03 10:57:16 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dllMOD - [2013/05/03 10:57:14 | 001,053,730 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dllMOD - [2013/05/03 10:57:06 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dllMOD - [2013/05/03 10:57:04 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dllMOD - [2013/05/03 10:57:02 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dllMOD - [2013/05/03 10:57:00 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dllMOD - [2013/05/03 10:56:50 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dllMOD - [2013/05/03 10:56:46 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dllMOD - [2013/05/03 10:56:44 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dllMOD - [2013/03/26 16:16:40 | 020,341,672 | ---- | M] () -- I:\Steam\bin\libcef.dllMOD - [2013/03/13 12:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Dropbox\bin\libcef.dllMOD - [2013/02/13 04:07:40 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\46c1da3f2c4c666140a414394e1cb20b\System.WorkflowServices.ni.dllMOD - [2013/02/13 04:07:10 | 000,361,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\32c3c1ab0c865403bd47b0e4b8c6adf1\IAStorUtil.ni.dllMOD - [2013/01/09 04:38:55 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\c86f9a0e5c9ac27363065da766d5670e\IAStorDataMgrSvcInterfaces.ni.dllMOD - [2013/01/09 04:38:54 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\f073337386f694d16928fe7ccf0c5e50\IAStorCommon.ni.dllMOD - [2013/01/09 04:38:46 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dllMOD - [2013/01/09 04:38:39 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dllMOD - [2013/01/09 04:06:32 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dllMOD - [2013/01/09 04:06:30 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dllMOD - [2013/01/09 04:06:29 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dllMOD - [2013/01/09 04:06:25 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dllMOD - [2012/12/11 09:51:10 | 001,100,800 | ---- | M] () -- I:\Steam\bin\avcodec-53.dllMOD - [2012/12/11 09:51:10 | 000,192,000 | ---- | M] () -- I:\Steam\bin\avformat-53.dllMOD - [2012/12/11 09:51:10 | 000,124,416 | ---- | M] () -- I:\Steam\bin\avutil-51.dllMOD - [2012/11/13 15:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dllMOD - [2012/10/26 23:53:18 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pydMOD - [2012/09/08 12:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dllMOD - [2012/09/08 12:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dllMOD - [2012/06/22 13:59:52 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pydMOD - [2012/06/22 13:55:58 | 000,494,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pydMOD - [2012/06/22 13:53:22 | 005,812,736 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pydMOD - [2012/06/22 13:39:06 | 001,662,464 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pydMOD - [2012/06/22 13:24:28 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pydMOD - [2012/03/23 19:16:06 | 014,289,408 | ---- | M] () -- C:\Program Files (x86)\Desura\bin\wxmsw290u_vc_desura.dllMOD - [2012/03/23 19:16:01 | 018,300,416 | ---- | M] () -- C:\Program Files (x86)\Desura\bin\cef_desura.dllMOD - [2012/03/23 19:16:00 | 001,577,761 | ---- | M] () -- C:\Program Files (x86)\Desura\bin\avcodec-53.dllMOD - [2012/03/23 19:16:00 | 000,213,022 | ---- | M] () -- C:\Program Files (x86)\Desura\bin\avformat-53.dllMOD - [2012/03/23 19:16:00 | 000,134,035 | ---- | M] () -- C:\Program Files (x86)\Desura\bin\avutil-51.dllMOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2012/02/06 12:28:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Util._counter.pydMOD - [2012/02/06 12:28:42 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pydMOD - [2012/02/06 12:28:34 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pydMOD - [2011/08/31 08:41:12 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dllMOD - [2011/05/28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dllMOD - [2011/05/10 11:01:42 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Raptr\simplejson._speedups.pydMOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODFMOD - [2011/03/16 15:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dllMOD - [2011/02/15 10:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dllMOD - [2011/02/15 10:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dllMOD - [2011/02/04 05:25:18 | 000,242,176 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\plugins\RTMPlugin.dllMOD - [2011/02/04 05:25:06 | 000,244,224 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\plugins\GooglePlugin.dllMOD - [2011/02/04 05:24:38 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dllMOD - [2011/02/04 05:24:32 | 002,346,496 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\Rainlendar2.exeMOD - [2010/12/12 02:58:14 | 000,502,784 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dllMOD - [2010/12/12 02:58:00 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dllMOD - [2010/12/12 02:57:56 | 000,485,376 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dllMOD - [2010/12/12 02:57:44 | 000,707,584 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dllMOD - [2010/12/12 02:57:36 | 002,633,216 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dllMOD - [2010/12/12 02:56:46 | 001,205,760 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dllMOD - [2010/11/22 15:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dllMOD - [2010/11/22 14:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pydMOD - [2010/11/22 14:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pydMOD - [2010/11/22 14:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pydMOD - [2010/11/22 14:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pydMOD - [2010/11/22 14:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pydMOD - [2010/11/22 14:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dllMOD - [2010/11/22 14:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pydMOD - [2010/11/22 14:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pydMOD - [2010/11/22 14:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pydMOD - [2010/11/22 14:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pydMOD - [2010/11/22 14:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pydMOD - [2010/11/22 14:56:02 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Raptr\_elementtree.pydMOD - [2010/11/22 14:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pydMOD - [2010/11/22 14:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pydMOD - [2010/11/22 14:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pydMOD - [2010/11/22 14:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pydMOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dllMOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dllMOD - [2010/05/23 10:20:08 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\lfs.dllMOD - [2010/05/23 10:20:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\lua51.dllMOD - [2009/12/08 18:50:04 | 003,565,056 | ---- | M] () -- C:\Program Files (x86)\ffdshow\ffdshow.axMOD - [2009/08/28 22:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Chris\Local Settings\Apps\F.lux\flux.exeMOD - [2009/03/12 17:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files (x86)\Everything\Everything.exeMOD - [2003/04/21 14:19:42 | 000,851,968 | ---- | M] () -- C:\Windows\SSDriver\fi5110\fjiplA6.dllMOD - [2003/04/21 14:19:40 | 000,020,480 | ---- | M] () -- C:\Windows\SSDriver\fi5110\fjipl.dllMOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll========== Services (SafeList) ==========SRV:64bit: - [2013/04/16 06:01:58 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV:64bit: - [2012/07/11 10:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)SRV:64bit: - [2011/06/17 05:30:54 | 000,094,480 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)SRV:64bit: - [2011/03/16 07:19:38 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)SRV:64bit: - [2010/05/07 05:16:22 | 000,078,848 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)SRV - [2013/06/06 14:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [2013/05/27 12:36:06 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)SRV - [2013/05/27 12:36:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)SRV - [2013/05/21 21:08:40 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2013/05/21 08:09:08 | 000,285,795 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)SRV - [2013/05/15 11:36:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2013/04/22 23:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2012/09/01 19:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)SRV - [2012/07/25 00:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)SRV - [2012/07/25 00:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012/03/23 19:16:00 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)SRV - [2012/01/22 20:43:08 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- d:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)========== Driver Services (SafeList) ==========DRV:64bit: - [2013/04/19 20:12:35 | 000,263,912 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\diskpt.sys -- (diskpt)DRV:64bit: - [2013/04/16 06:51:54 | 011,653,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)DRV:64bit: - [2013/04/16 05:35:20 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)DRV:64bit: - [2013/04/12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)DRV:64bit: - [2013/02/14 03:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)DRV:64bit: - [2012/12/21 14:53:58 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)DRV:64bit: - [2012/12/21 14:53:58 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)DRV:64bit: - [2012/11/01 18:12:55 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)DRV:64bit: - [2012/10/02 14:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [2012/09/01 19:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)DRV:64bit: - [2012/09/01 19:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2012/01/19 17:58:35 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt61.sys -- (vidsflt61)DRV:64bit: - [2012/01/19 17:58:31 | 000,133,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)DRV:64bit: - [2011/12/26 16:27:24 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)DRV:64bit: - [2011/11/24 00:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)DRV:64bit: - [2011/11/14 09:11:10 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)DRV:64bit: - [2011/11/14 09:11:10 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)DRV:64bit: - [2011/11/14 09:11:10 | 000,059,184 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)DRV:64bit: - [2011/11/14 09:11:10 | 000,039,728 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)DRV:64bit: - [2011/10/24 13:49:37 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)DRV:64bit: - [2011/10/24 13:49:37 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)DRV:64bit: - [2011/10/24 13:49:36 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)DRV:64bit: - [2011/10/24 13:49:36 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)DRV:64bit: - [2011/10/17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: - [2011/08/02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)DRV:64bit: - [2011/07/22 08:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)DRV:64bit: - [2011/07/12 13:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)DRV:64bit: - [2011/06/17 05:30:50 | 000,154,752 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)DRV:64bit: - [2011/06/15 22:10:58 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ddmdrv.sys -- (ddmdrv)DRV:64bit: - [2011/03/18 17:20:22 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerCamd64.sys -- (LADF_BakerCOnly)DRV:64bit: - [2011/03/18 14:33:48 | 000,335,688 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys -- (LADF_BakerROnly)DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2011/02/08 13:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)DRV:64bit: - [2011/02/08 13:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)DRV:64bit: - [2011/01/15 08:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)DRV:64bit: - [2010/12/27 16:36:32 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)DRV:64bit: - [2010/12/16 14:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)DRV:64bit: - [2010/11/21 23:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)DRV:64bit: - [2010/11/20 19:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/11/20 19:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)DRV:64bit: - [2010/11/20 19:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)DRV:64bit: - [2010/11/20 19:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)DRV:64bit: - [2010/09/01 00:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)DRV - [2012/12/21 14:54:00 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)DRV - [2012/12/21 14:53:58 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)DRV - [2011/12/26 16:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)DRV - [2011/06/15 22:09:42 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ddmdrv.sys -- (ddmdrv)DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE:64bit: - HKLM\..\SearchScopes,DefaultScope =IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ieIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie'>http://www.google.com/ieIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 58 34 99 47 FF CC 01 [binary data]IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie'>http://www.google.com/ieIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie'>http://www.google.com/ieIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\..\SearchScopes,DefaultScope = {9BC81998-9BF0-4A0C-9DE0-4A9D5AF0D188}IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRIE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\..\SearchScopes\{9BC81998-9BF0-4A0C-9DE0-4A9D5AF0D188}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.startup.homepage: "about:home"FF - prefs.js..extensions.enabledAddons: MafiaaFire%40mafiaafire.com:0.9dFF - prefs.js..extensions.enabledAddons: morningCoffee%40shaneliesegang:1.35FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20FF - prefs.js..extensions.enabledAddons: %7B249df6a2-e336-47d1-b6c3-ec711ad140ca%7D:1.3.2.0041FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.2.1FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15FF - prefs.js..extensions.enabledAddons: %7BE0B8C461-F8FB-49b4-8373-FE32E9252800%7D:5.7FF - prefs.js..extensions.enabledAddons: sabnzbdstatus%40dq5studios.com:1.0.15.1FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not foundFF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not foundFF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Chris\AppData\Local\Roblox\Versions\version-d2e4e6e567c64738\\NPRobloxProxy.dll ()FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Chris\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\componentsFF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/21 21:08:22 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SoundFrost@helper.com: C:\Program Files (x86)\SoundFrost\SoundFrost.xpi[2011/09/30 15:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions[2011/09/30 15:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com[2013/06/03 15:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions[2013/05/29 14:50:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}[2011/09/04 15:39:53 | 000,000,000 | ---D | M] (LiveClick) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{d166ee2a-36bb-4f33-aff7-e85f912df509}[2013/06/02 15:49:21 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}[2012/03/24 18:05:14 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\DefaultManager@Microsoft[2013/05/22 11:59:24 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\foxmarks@kei.com[2013/02/17 08:25:10 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\support@lastpass.com[2013/05/25 17:14:52 | 000,208,116 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi[2012/02/24 13:04:13 | 000,123,007 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\MafiaaFire@mafiaafire.com.xpi[2011/04/15 12:14:14 | 000,107,019 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\morningCoffee@shaneliesegang.xpi[2013/06/03 15:49:42 | 000,066,365 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\sabnzbdstatus@dq5studios.com.xpi[2013/03/07 17:14:52 | 000,139,198 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{249df6a2-e336-47d1-b6c3-ec711ad140ca}.xpi[2013/05/08 16:02:55 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi[2013/04/09 07:05:29 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi[2013/05/25 17:50:56 | 000,269,448 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\vwt9s9m4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi[2013/05/22 07:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2013/05/21 21:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions[2013/05/21 21:08:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2012/06/20 08:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll========== Chrome ==========CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} Link to post Share on other sites More sharing options...
frozengamer Posted June 9, 2013 Author ID:689019 Share Posted June 9, 2013 OTL.txt 2 of 2 - extras.txt in next postCHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},CHR - homepage: http://www.google.comCHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dllCHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllCHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllCHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npo1d.dllCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLLCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLLCHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dllCHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dllCHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllCHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dllCHR - plugin: Java Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllCHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dllCHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllCHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dllCHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Unity Player (Enabled) = C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllCHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Chris\AppData\Local\Roblox\Versions\version-d2e4e6e567c64738\\NPRobloxProxy.dllCHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Chris\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dllCHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dllCHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dllCHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: NZBMatrixIMDb = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmnoifppodlklanapmeinffccljodbp\0.3.1_0\CHR - Extension: Steam Price Comparison - Unpowered edition = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagmmldphbnigokaemalgbniaehkfbee\2.4.4_0\CHR - Extension: Save this page with CleanSave = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplagehfoafmmjppeijnpkohihcllici\4.7.0_0\CHR - Extension: Downloads Search Engine = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nacnjfdphmlbjmgodlnglocikoimjmfb\1.0.3_0\CHR - Extension: Enhanced Steam = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\3.3_0\CHR - Extension: Enhanced Steam = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\3.5_0\CHR - Extension: SABconnect++ = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod\0.6.5_0\CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2013/05/22 12:56:42 | 000,000,837 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)O4:64bit: - HKLM..\Run: [shadow Defender Daemon] C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [Everything] C:\Program Files (x86)\Everything\Everything.exe ()O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)O4 - HKLM..\Run: [scanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [F.lux] C:\Users\Chris\Local Settings\Apps\F.lux\flux.exe ()O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [GOG.com Downloader] C:\Program Files (x86)\GOG.com\GOG.com Downloader.exe -autostart File not foundO4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [steam] I:\Steam\steam.exe (Valve Corporation)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)O4 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000..\Run: [superCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (SFX TEAM)O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1O7 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not foundO8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not foundO8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not foundO8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not foundO8:64bit: - Extra context menu item: LastPass - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not foundO8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not foundO8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not foundO8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not foundO8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not foundO8 - Extra context menu item: LastPass - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not foundO8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Chris\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not foundO8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO15 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)O15 - HKU\S-1-5-21-4185106890-2118697883-1949713553-1000\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Reg Error: Key error.)O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Reg Error: Key error.)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.21.2)O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.21.2)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F2D49D1-222D-43C8-8DC9-7F36834F344F}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CAB13DA-1C15-455F-BB2E-56B1A5C9E82F}: DhcpNameServer = 172.26.38.1 172.26.38.2O18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18 - Protocol\Handler\ms-help - No CLSID value foundO18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2013/03/23 10:19:52 | 000,000,000 | ---D | M] - D:\autopacked -- [ NTFS ]O32 - AutoRun File - [2010/01/10 16:54:52 | 000,000,170 | ---- | M] () - L:\Autorun.inf -- [ NTFS ]O32 - AutoRun File - [2012/07/15 23:33:32 | 000,000,040 | -H-- | M] () - M:\Autorun.inf -- [ NTFS ]O33 - MountPoints2\{02526ad0-a01f-11e0-9466-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{51e87578-3e64-11e1-a90c-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{65411d5e-83f9-11e0-8906-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{65411d5e-83f9-11e0-8906-0025229f74dd}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=trueO33 - MountPoints2\{6c96fcf6-730c-11e2-b308-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{6c96fcf6-730c-11e2-b308-0025229f74dd}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=trueO33 - MountPoints2\{b1aebb2b-6963-11e0-93fe-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{b1aebb2b-6963-11e0-93fe-0025229f74dd}\Shell\AutoRun\command - "" = L:\Installer.exeO33 - MountPoints2\{ce807aa8-69ce-11e0-94bd-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{d4f45a84-2469-11e2-b622-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{d4f45a84-2469-11e2-b622-0025229f74dd}\Shell\AutoRun\command - "" = Z:\SETUP.EXEO33 - MountPoints2\{d4f45a84-2469-11e2-b622-0025229f74dd}\Shell\configure\command - "" = Z:\SETUP.EXEO33 - MountPoints2\{d4f45a84-2469-11e2-b622-0025229f74dd}\Shell\install\command - "" = Z:\SETUP.EXEO33 - MountPoints2\{d4f45a8c-2469-11e2-b622-0025229f74dd}\Shell - "" = AutoRunO33 - MountPoints2\{d4f45a8c-2469-11e2-b622-0025229f74dd}\Shell\AutoRun\command - "" = Y:\SETUP.EXEO33 - MountPoints2\{d4f45a8c-2469-11e2-b622-0025229f74dd}\Shell\configure\command - "" = Y:\SETUP.EXEO33 - MountPoints2\{d4f45a8c-2469-11e2-b622-0025229f74dd}\Shell\install\command - "" = Y:\SETUP.EXEO34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ==========[2013/06/05 18:02:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Codemasters[2013/06/04 22:50:25 | 000,000,000 | ---D | C] -- C:\rayman_origins[2013/06/04 22:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)[2013/06/04 17:26:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Proteus[2013/06/04 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\dp3d[2013/06/03 20:55:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\NYOP[2013/05/26 08:55:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ESN[2013/05/25 13:56:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\KC Softwares[2013/05/25 07:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab[2013/05/25 07:46:48 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\66687245.sys[2013/05/23 18:49:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr[2013/05/23 18:49:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Raptr[2013/05/23 18:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr[2013/05/23 06:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET[2013/05/22 21:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Remedy[2013/05/22 16:49:06 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\PunkBuster[2013/05/22 14:32:58 | 000,000,000 | ---D | C] -- C:\ProcessMonitor[2013/05/22 13:37:45 | 000,000,000 | ---D | C] -- C:\Windows\snack[2013/05/22 09:22:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\RK_Quarantine[2013/05/22 07:13:26 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT[2013/05/22 07:13:19 | 000,000,000 | ---D | C] -- C:\JRT[2013/05/21 21:23:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\GunCraft[2013/05/21 21:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox[2013/05/21 12:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy[2013/05/21 12:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy[2013/05/21 12:16:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy[2013/05/21 08:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs[2013/05/21 07:46:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/05/21 07:45:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys[2013/05/21 07:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2013/05/20 18:48:10 | 000,000,000 | ---D | C] -- C:\Fraps[2013/05/20 17:03:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\FairyBloomRe[2013/05/20 14:58:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Remedy[2013/05/20 11:56:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Activision[2013/05/18 18:09:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\RIFT[2013/05/18 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\RIFT[2013/05/18 17:02:20 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\SEGA Genesis Classics[2013/05/16 08:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso[2013/05/13 20:33:06 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\ManiaPlanet[2013/05/13 20:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ManiaPlanet[2013/05/13 11:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI[2013/05/13 11:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT[2013/05/13 11:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center[2013/05/13 07:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft[2013/01/09 09:41:52 | 000,471,848 | ---- | C] (Bitsum Technologies) -- C:\Users\Chris\AppData\Roaming\ProcessLassopl_rsrc_temp.dll[2011/11/20 12:25:16 | 013,844,000 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ][3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2013/06/08 16:11:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185106890-2118697883-1949713553-1000UA.job[2013/06/08 16:11:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185106890-2118697883-1949713553-1000Core.job[2013/06/08 15:44:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/06/08 15:44:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/06/08 15:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/06/08 13:35:58 | 000,001,740 | ---- | M] () -- C:\Windows\Sandboxie.ini[2013/06/06 18:02:43 | 000,796,044 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2013/06/06 18:02:43 | 000,671,156 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2013/06/06 18:02:43 | 000,126,338 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2013/06/05 17:14:19 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/06/05 17:14:19 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/06/05 17:08:10 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job[2013/06/05 17:07:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/06/05 17:07:04 | 4276,113,406 | -HS- | M] () -- C:\hiberfil.sys[2013/06/04 17:45:34 | 000,001,045 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk[2013/06/04 17:42:43 | 000,001,013 | ---- | M] () -- C:\Users\Chris\Desktop\Dropbox.lnk[2013/06/01 07:57:50 | 000,000,798 | ---- | M] () -- C:\Users\Public\Desktop\Play More Playrix Games!.lnk[2013/06/01 07:57:50 | 000,000,746 | ---- | M] () -- C:\Users\Public\Desktop\Call of Atlantis.lnk[2013/05/27 12:36:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe[2013/05/27 12:36:02 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0[2013/05/27 12:36:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe[2013/05/27 01:09:27 | 003,130,440 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_blr.exe[2013/05/26 11:24:53 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr[2013/05/25 17:45:27 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\66687245.sys[2013/05/24 08:48:13 | 000,001,166 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk[2013/05/24 08:48:13 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk[2013/05/22 13:43:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\vididr.sys.dump[2013/05/22 13:43:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\videoprt.sys.dump[2013/05/22 13:43:42 | 000,000,512 | ---- | M] () -- C:\Windows\SysNative\drivers\usbaapl64.sys.dump[2013/05/22 13:43:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\usb8023.sys.dump[2013/05/22 13:43:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\scsiport.sys.dump[2013/05/22 13:43:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\netio.sys.dump[2013/05/22 13:43:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\netaapl64.sys.dump[2013/05/22 13:43:15 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\lsi_sas2.sys.dump[2013/05/22 13:43:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\mcd.sys.dump[2013/05/22 13:43:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys.dump[2013/05/22 13:43:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\LGVirHid.sys.dump[2013/05/22 13:43:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys.dump[2013/05/22 13:43:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\LGBusEnum.sys.dump[2013/05/22 13:43:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys.dump[2013/05/22 13:43:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys.dump[2013/05/22 13:43:09 | 000,000,568 | ---- | M] () -- C:\Windows\SysNative\drivers\iaStorA.sys.dump[2013/05/22 13:43:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\iaStorF.sys.dump[2013/05/22 13:43:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\iaStor.sys.dump[2013/05/22 13:43:06 | 000,000,472 | ---- | M] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.dump[2013/05/22 13:43:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\hcw85cir.sys.dump[2013/05/22 13:43:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.dump[2013/05/22 13:43:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\fs_rec.sys.dump[2013/05/22 13:43:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\dmvsc.sys.dump[2013/05/22 13:43:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\diskpt.sys.dump[2013/05/22 13:43:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Diskdump.sys.dump[2013/05/22 13:42:54 | 000,000,512 | ---- | M] () -- C:\Windows\SysNative\drivers\b57nd60a.sys.dump[2013/05/22 13:42:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\battc.sys.dump[2013/05/22 13:42:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\1394bus.sys.dump[2013/05/22 13:01:20 | 001,105,378 | ---- | M] () -- C:\ProcessMonitor(1).zip[2013/05/22 12:56:42 | 000,000,837 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2013/05/22 09:15:24 | 000,632,031 | ---- | M] () -- C:\Users\Chris\Desktop\adwcleaner(1).exe[2013/05/21 12:16:48 | 000,001,318 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk[2013/05/21 12:16:48 | 000,001,294 | ---- | M] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk[2013/05/21 08:09:20 | 000,001,217 | ---- | M] () -- C:\Users\Chris\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk[2013/05/21 08:02:45 | 000,424,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2013/05/21 07:46:00 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/20 17:15:24 | 000,000,726 | ---- | M] () -- C:\Users\Chris\Desktop\Neverwinter.lnk[2013/05/20 09:19:37 | 000,000,442 | RHS- | M] () -- C:\Users\Chris\ntuser.pol[2013/05/18 17:36:20 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk[2013/05/18 16:11:30 | 000,001,351 | ---- | M] () -- C:\Users\Chris\Documents\AutoHotkey.ahk[2013/05/10 12:28:03 | 000,002,380 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Aiseesoft Blu-ray Ripper.lnk[2013/05/10 12:28:03 | 000,002,356 | ---- | M] () -- C:\Users\Public\Desktop\Aiseesoft Blu-ray Ripper.lnk[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ][3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]========== Files Created - No Company Name ==========[2013/06/05 11:36:32 | 000,001,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk[2013/06/05 11:36:32 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk[2013/06/05 11:36:32 | 000,001,131 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk[2013/06/05 11:36:32 | 000,001,045 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk[2013/06/05 11:36:32 | 000,000,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Conversion to PDF with ScanSnap Organizer.lnk[2013/06/05 11:20:42 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk[2013/06/01 07:57:50 | 000,000,746 | ---- | C] () -- C:\Users\Public\Desktop\Call of Atlantis.lnk[2013/05/27 12:35:59 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe[2013/05/24 08:48:13 | 000,001,166 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk[2013/05/24 08:48:13 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk[2013/05/22 13:38:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\vmbus.sys.dump[2013/05/22 13:38:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\vididr.sys.dump[2013/05/22 13:38:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\videoprt.sys.dump[2013/05/22 13:38:38 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\usbaapl64.sys.dump[2013/05/22 13:38:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\usb8023.sys.dump[2013/05/22 13:38:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\umpass.sys.dump[2013/05/22 13:38:30 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\sffp_sd.sys.dump[2013/05/22 13:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\sffp_mmc.sys.dump[2013/05/22 13:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\sffdisk.sys.dump[2013/05/22 13:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\sermouse.sys.dump[2013/05/22 13:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\serial.sys.dump[2013/05/22 13:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\serenum.sys.dump[2013/05/22 13:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\secdrv.sys.dump[2013/05/22 13:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\scsiport.sys.dump[2013/05/22 13:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\scfilter.sys.dump[2013/05/22 13:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\sbp2port.sys.dump[2013/05/22 13:38:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\PEAuth.sys.dump[2013/05/22 13:38:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\pcw.sys.dump[2013/05/22 13:38:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\pcmcia.sys.dump[2013/05/22 13:38:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\nfrd960.sys.dump[2013/05/22 13:38:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\netio.sys.dump[2013/05/22 13:38:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\netbt.sys.dump[2013/05/22 13:38:18 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\ndproxy.sys.dump[2013/05/22 13:38:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\netbios.sys.dump[2013/05/22 13:38:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\netaapl64.sys.dump[2013/05/22 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mstee.sys.dump[2013/05/22 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mssmbios.sys.dump[2013/05/22 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\msrpc.sys.dump[2013/05/22 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mspqm.sys.dump[2013/05/22 13:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mspclock.sys.dump[2013/05/22 13:38:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mskssrv.sys.dump[2013/05/22 13:38:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\msiscsi.sys.dump[2013/05/22 13:38:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\msisadrv.sys.dump[2013/05/22 13:38:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mshidkmdf.sys.dump[2013/05/22 13:38:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\msfs.sys.dump[2013/05/22 13:38:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\msdsm.sys.dump[2013/05/22 13:38:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\modem.sys.dump[2013/05/22 13:38:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\MegaSR.sys.dump[2013/05/22 13:38:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\megasas.sys.dump[2013/05/22 13:38:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mcd.sys.dump[2013/05/22 13:38:11 | 000,000,064 | ---- | C] () -- C:\Windows\SysNative\drivers\lsi_sas2.sys.dump[2013/05/22 13:38:11 | 000,000,064 | ---- | C] () -- C:\Windows\SysNative\drivers\lsi_sas.sys.dump[2013/05/22 13:38:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys.dump[2013/05/22 13:38:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\luafv.sys.dump[2013/05/22 13:38:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lsi_scsi.sys.dump[2013/05/22 13:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lltdio.sys.dump[2013/05/22 13:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\LGVirHid.sys.dump[2013/05/22 13:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys.dump[2013/05/22 13:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\LGBusEnum.sys.dump[2013/05/22 13:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys.dump[2013/05/22 13:38:09 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\ksthunk.sys.dump[2013/05/22 13:38:09 | 000,000,368 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecpkg.sys.dump[2013/05/22 13:38:09 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys.dump[2013/05/22 13:38:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\ipfltdrv.sys.dump[2013/05/22 13:38:06 | 000,000,576 | ---- | C] () -- C:\Windows\SysNative\drivers\intelide.sys.dump[2013/05/22 13:38:06 | 000,000,568 | ---- | C] () -- C:\Windows\SysNative\drivers\iaStorA.sys.dump[2013/05/22 13:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\intelppm.sys.dump[2013/05/22 13:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iirsp.sys.dump[2013/05/22 13:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iaStorV.sys.dump[2013/05/22 13:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iaStorF.sys.dump[2013/05/22 13:38:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iaStor.sys.dump[2013/05/22 13:38:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\i8042prt.sys.dump[2013/05/22 13:38:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\hcw85cir.sys.dump[2013/05/22 13:38:02 | 000,000,472 | ---- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.dump[2013/05/22 13:38:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\GAGP30KX.SYS.dump[2013/05/22 13:38:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.dump[2013/05/22 13:38:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\fvevol.sys.dump[2013/05/22 13:38:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\fs_rec.sys.dump[2013/05/22 13:38:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\fsdepends.sys.dump[2013/05/22 13:37:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\dmvsc.sys.dump[2013/05/22 13:37:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\diskpt.sys.dump[2013/05/22 13:37:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Diskdump.sys.dump[2013/05/22 13:37:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\disk.sys.dump[2013/05/22 13:37:51 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\b57nd60a.sys.dump[2013/05/22 13:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\battc.sys.dump[2013/05/22 13:37:46 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\adp94xx.sys.dump[2013/05/22 13:37:45 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\acpipmi.sys.dump[2013/05/22 13:37:45 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\drivers\1394ohci.sys.dump[2013/05/22 13:37:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\acpi.sys.dump[2013/05/22 13:37:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1394bus.sys.dump[2013/05/22 13:01:19 | 001,105,378 | ---- | C] () -- C:\ProcessMonitor(1).zip[2013/05/22 09:15:18 | 000,632,031 | ---- | C] () -- C:\Users\Chris\Desktop\adwcleaner(1).exe[2013/05/21 12:16:48 | 000,001,318 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk[2013/05/21 12:16:48 | 000,001,294 | ---- | C] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk[2013/05/21 08:09:20 | 000,001,217 | ---- | C] () -- C:\Users\Chris\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk[2013/05/21 07:46:00 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/20 17:15:24 | 000,000,726 | ---- | C] () -- C:\Users\Chris\Desktop\Neverwinter.lnk[2013/05/20 09:19:37 | 000,000,442 | RHS- | C] () -- C:\Users\Chris\ntuser.pol[2013/05/18 17:36:20 | 000,001,134 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk[2013/05/18 17:36:20 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk[2013/05/18 16:11:30 | 000,001,351 | ---- | C] () -- C:\Users\Chris\Documents\AutoHotkey.ahk[2013/05/10 12:28:03 | 000,002,380 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Aiseesoft Blu-ray Ripper.lnk[2013/05/10 12:28:03 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\Aiseesoft Blu-ray Ripper.lnk[2013/05/01 21:10:21 | 000,000,000 | ---- | C] () -- C:\Windows\diskpt.dat[2013/04/20 21:04:13 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll[2013/04/17 09:34:06 | 000,007,605 | ---- | C] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg[2013/04/16 06:37:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe[2013/04/16 06:37:12 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe[2013/02/11 13:58:52 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe[2013/02/11 13:58:52 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe[2013/02/11 13:58:52 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll[2013/02/11 13:58:52 | 000,014,920 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys[2013/02/11 13:58:52 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys[2013/02/03 10:47:58 | 001,293,240 | ---- | C] () -- C:\Windows\ddmmain.exe[2013/02/03 10:47:58 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ddmdrv.sys[2013/02/03 10:47:54 | 001,645,496 | ---- | C] () -- C:\Windows\ampa.exe[2013/02/03 10:47:54 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys[2013/02/01 09:16:45 | 000,068,972 | ---- | C] () -- C:\Windows\SysWow64\nglide_uninst.exe[2012/12/11 14:46:18 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll[2012/09/09 05:20:20 | 001,306,624 | ---- | C] () -- C:\Windows\SysWow64\glide3x.dll[2012/09/07 03:13:56 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nglide_config.exe[2012/09/05 15:38:31 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll[2012/08/27 22:21:11 | 000,029,245 | ---- | C] () -- C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(4).pdf[2012/08/27 21:10:45 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI[2012/02/14 18:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat[2012/02/14 18:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat[2012/01/19 11:32:11 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe[2012/01/19 11:32:11 | 000,017,655 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat[2012/01/12 21:06:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin[2012/01/03 22:14:49 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin[2011/12/17 13:43:40 | 000,406,336 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe[2011/10/23 15:53:38 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat[2011/08/31 08:33:01 | 000,000,042 | ---- | C] () -- C:\Users\Chris\truShuffle.conf[2011/08/03 21:36:48 | 000,001,740 | ---- | C] () -- C:\Windows\Sandboxie.ini[2011/06/27 04:31:04 | 002,552,320 | ---- | C] () -- C:\Windows\SysWow64\QtCore4.dll[2011/06/27 04:30:50 | 017,333,760 | ---- | C] () -- C:\Windows\SysWow64\QtWebKit4.dll[2011/06/27 04:30:38 | 002,177,024 | ---- | C] () -- C:\Windows\SysWow64\QtScript4.dll[2011/06/27 04:30:34 | 001,209,344 | ---- | C] () -- C:\Windows\SysWow64\QtNetwork4.dll[2011/06/27 04:30:18 | 009,849,856 | ---- | C] () -- C:\Windows\SysWow64\QtGui4.dll[2011/06/27 04:29:54 | 000,344,576 | ---- | C] () -- C:\Windows\SysWow64\phonon4.dll[2011/06/27 04:29:54 | 000,043,008 | ---- | C] () -- C:\Windows\SysWow64\libgcc_s_dw2-1.dll[2011/06/27 04:29:54 | 000,011,362 | ---- | C] () -- C:\Windows\SysWow64\mingwm10.dll[2011/06/18 14:19:56 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat[2011/04/16 10:10:00 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat========== ZeroAccess Check ==========[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 21:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 20:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== LOP Check ==========[2013/04/20 22:12:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft[2012/03/12 21:28:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.UberCS[2013/04/09 08:49:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\8-Bit Commando[2012/02/01 21:17:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Able Apples[2012/01/19 21:47:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Acronis[2012/12/02 11:31:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Actual Tools[2012/04/03 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AdultAdvantage[2012/08/01 08:06:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Amazon[2011/05/21 08:29:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\APOX[2013/01/26 10:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Artogon[2012/07/09 19:46:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Atari[2011/08/05 12:08:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AtomZombieData[2013/01/30 13:00:45 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Avery[2013/02/10 13:31:45 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Awem[2012/03/18 11:05:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Barricade 3.5.1[2011/07/10 14:06:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Beat Hazard[2013/05/15 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Bioshock[2011/12/23 09:46:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\bizarre creations[2013/02/09 15:10:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Boilsoft[2012/12/03 17:33:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\calibre[2012/11/25 09:46:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Carbon[2012/09/28 09:39:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Chime[2012/06/25 08:57:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.cipherprime.auditorium[2011/09/30 18:12:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.webkinesis.PicasaUploaderDesktop[2011/04/21 19:38:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CrashPlan[2013/01/12 17:43:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DarknessII[2012/01/12 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DarksporeData[2012/01/06 19:04:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Digiarty[2012/11/02 08:46:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\digipen[2012/03/10 21:29:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DigitalVolcano[2013/05/17 16:29:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Doublefine[2013/06/04 17:18:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\dp3d[2013/06/06 18:02:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dropbox[2011/07/10 18:21:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dwarfs[2012/03/24 19:56:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Faerie Solitaire[2013/05/20 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FairyBloomRe[2013/01/31 21:29:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FatShark[2011/12/27 18:43:06 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\fotw[2012/01/02 21:25:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FreeArc[2012/08/27 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Fujitsu[2012/10/05 11:56:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GameFly[2011/10/23 16:44:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Gatling Gears[2013/04/20 18:25:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GlarySoft[2012/04/13 13:40:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\HD Tune Pro[2011/05/13 20:24:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hi-Rez Studios[2011/06/10 16:50:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ImgBurn[2012/03/10 21:29:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\IsolatedStorage[2011/10/08 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Jason Robitaille[2012/03/13 13:34:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\JasonRobitaille[2011/11/03 14:20:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Kalypso Media[2013/05/25 13:56:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\KC Softwares[2011/04/27 12:58:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech[2011/12/31 10:22:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\M8 Software[2012/03/15 10:30:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Magi[2012/04/08 13:16:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\MahJong Suite[2011/12/28 22:04:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\MinMaxGames[2012/04/27 18:49:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mp3tag[2012/01/25 11:05:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\MusicIP[2012/04/15 09:16:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mystery of Mortlake Mansion[2011/08/02 10:38:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Naval Warfare[2013/04/13 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Nifflas[2013/06/08 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin[2012/08/27 21:34:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PFU[2012/07/08 08:15:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Playrix Entertainment[2013/03/23 07:10:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PoBros[2011/12/22 17:46:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Polynomial[2013/06/02 16:27:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ProcessLasso[2013/05/22 16:49:06 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PunkBuster[2013/06/08 13:08:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Raptr[2012/11/26 14:58:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\RenPy[2012/01/16 15:36:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\RetouchPilot[2012/09/29 10:14:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\RidNacs[2013/05/18 18:21:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\RIFT[2012/04/18 06:26:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Seas0nPass[2013/02/17 15:27:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Spotify[2013/01/10 22:23:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Stardock[2012/04/11 04:13:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SuperUtils.com[2011/12/31 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\System[2012/11/27 20:10:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SystemRequirementsLab[2012/03/14 07:31:18 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TagScanner[2011/04/16 19:07:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TeamViewer[2011/12/31 12:13:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\The Creative Assembly[2012/11/26 21:34:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\To the Moon - Freebird Games[2011/09/30 15:02:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TomTom[2011/12/21 20:50:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Tropico 4[2011/10/31 19:50:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TS3Client[2011/10/31 09:43:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Voxatron[2012/11/23 13:50:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Waveform[2012/03/22 05:47:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WinISO Computing[2011/12/31 20:57:16 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\wyUpdate AU[2013/02/04 07:26:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\XYplorer[2012/11/25 21:40:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\zombies========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:0C22A340< End of report > Link to post Share on other sites More sharing options...
frozengamer Posted June 9, 2013 Author ID:689022 Share Posted June 9, 2013 extras.txt - post 1 of manyOTL Extras logfile created on: 6/8/2013 4:27:50 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = F:\Downloads64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.10.9200.16576)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy15.98 Gb Total Physical Memory | 9.36 Gb Available Physical Memory | 58.56% Memory free31.95 Gb Paging File | 27.03 Gb Available in Paging File | 84.60% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 238.38 Gb Total Space | 24.40 Gb Free Space | 10.24% Space Free | Partition Type: NTFSDrive D: | 1397.17 Gb Total Space | 1172.36 Gb Free Space | 83.91% Space Free | Partition Type: NTFSDrive E: | 1397.26 Gb Total Space | 896.92 Gb Free Space | 64.19% Space Free | Partition Type: NTFSDrive F: | 1397.26 Gb Total Space | 357.21 Gb Free Space | 25.57% Space Free | Partition Type: NTFSDrive H: | 100.00 Mb Total Space | 61.82 Mb Free Space | 61.82% Space Free | Partition Type: NTFSDrive I: | 2794.39 Gb Total Space | 29.08 Gb Free Space | 1.04% Space Free | Partition Type: NTFSDrive J: | 2794.51 Gb Total Space | 1605.90 Gb Free Space | 57.47% Space Free | Partition Type: NTFSDrive K: | 100.00 Mb Total Space | 61.86 Mb Free Space | 61.86% Space Free | Partition Type: NTFSDrive L: | 2794.51 Gb Total Space | 422.32 Gb Free Space | 15.11% Space Free | Partition Type: NTFSDrive M: | 2794.51 Gb Total Space | 2630.59 Gb Free Space | 94.13% Space Free | Partition Type: NTFSComputer Name: BOSS | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation).url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)[HKEY_USERS\S-1-5-21-4185106890-2118697883-1949713553-1000\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)========== Shell Spawning ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [Paste As File] -- C:\Program Files (x86)\PasteAsFile\PasteAsFile.exe "%1" ()Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)Directory [Rename with Métamorphose] -- C:\Program Files (x86)\metamorphose\metamorphose.exe %L (Ianaré Sévi)Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [Paste As File] -- C:\Program Files (x86)\PasteAsFile\PasteAsFile.exe "%1" ()Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)Directory [Rename with Métamorphose] -- C:\Program Files (x86)\metamorphose\metamorphose.exe %L (Ianaré Sévi)Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.========== Security Center Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 164bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 1"DisableNotifications" = 0========== Authorized Applications List ==================== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{097E42EE-AB5E-4F5D-9145-F1720F9E2C5D}" = lport=57650 | protocol=17 | dir=in | name=pando media booster |"{18AEBA7A-A584-44B7-9E56-3C0ADC94D6D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |"{3596B365-6E28-4139-85C6-E2CA24D4849B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{43EA73AD-26E9-4264-92A6-B699E4027887}" = rport=137 | protocol=17 | dir=out | app=system |"{457D9AFD-53D7-4313-A07B-4F0C3A0EA439}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{4928FDA3-763B-4CA1-8BEE-7192854E1133}" = lport=57650 | protocol=17 | dir=in | name=pando media booster |"{51A5988D-9A49-4183-91E8-B86186F77E13}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |"{5207B1AE-B4B4-4157-B3ED-3864997930AF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{533B7FD1-7C92-4906-8034-9B80815A49F9}" = rport=10243 | protocol=6 | dir=out | app=system |"{547F7928-AEA5-4C04-B67C-BCA8E76E71A7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{5960DBBE-573C-4DE2-9E6A-281407BAF8A2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{6A682014-8B9A-4770-AC9E-8E36E3320449}" = lport=57650 | protocol=6 | dir=in | name=pando media booster |"{76DC121E-5644-437C-A048-27BE392414B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{88D04866-300C-4A3D-9A2F-9DFF6893C3DF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{9359DB6E-6496-462F-9E9B-1C35FD6EED7D}" = lport=10243 | protocol=6 | dir=in | app=system |"{9D42D91C-794A-4D4F-8759-3F503F3C46E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{A1FE4338-560C-4457-B134-DCEFF318CE89}" = lport=137 | protocol=17 | dir=in | app=system |"{A70ADE74-2049-470C-8212-A2847AE65C20}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |"{A790F35D-E361-462C-847A-14F66980F5CF}" = rport=139 | protocol=6 | dir=out | app=system |"{AC6F6EE8-B7C6-46D3-BDAE-3F08435EEB1C}" = lport=445 | protocol=6 | dir=in | app=system |"{B69A2946-D4F7-4B13-918E-8522FC72E599}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{BF8AF79F-E773-4649-BF01-BF124C46FDD5}" = rport=138 | protocol=17 | dir=out | app=system |"{C353F8C2-0C82-4D59-8943-2ACF27B361AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{CAE052E1-6E65-4B67-B758-BA72D12A364A}" = lport=138 | protocol=17 | dir=in | app=system |"{CD2CA356-3EFD-417F-B7AC-D0D6554AC636}" = lport=2869 | protocol=6 | dir=in | app=system |"{DB5246D3-3F52-4D23-80C7-F283A83F19FF}" = lport=57650 | protocol=6 | dir=in | name=pando media booster |"{E3E29736-7397-477B-AF38-39067F53C6D0}" = rport=445 | protocol=6 | dir=out | app=system |"{E50DA36F-5F16-423E-91E7-D2F40C525B19}" = lport=139 | protocol=6 | dir=in | app=system |"{FEE86AEE-81D5-434B-A4BB-117C26C9CB95}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{000787AA-693A-498D-8D36-BFDA849210CF}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\rocket mania deluxe\rocketmania.exe |"{002ADC93-0F5D-41AA-8A15-16EE421C2C8E}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\flatout2\flatout2.exe |"{002B2442-3AEE-4FBF-841F-5EF3EEAEF694}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\arx fatalis\arx.exe |"{0044A638-3E1A-4992-A06B-2950486D4D67}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\space rangers 2 reboot\rangers.exe |"{0052DD6E-46D3-4049-941F-A1E2EAC67E1B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |"{0080C5C4-D842-4CF4-8024-3FEEA76B6026}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |"{0084575D-4CAF-4615-B71A-A76062A65967}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |"{0092D805-0506-492F-94D3-CE5577A05DFF}" = protocol=17 | dir=in | app=e:\steam2\chronicles of riddick - assault on dark athena\system\win32_x86\darkathena.exe |"{00A2EF33-83C0-478C-86B6-DF712871BF57}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\off-road drive\binaries\win32\ord.exe |"{00AE7B35-2092-4EF3-9CE2-0FA4F804EE79}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |"{00D5F982-530A-4AED-AB3A-9B90954F2D6E}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe |"{00E74B37-68C0-4AA1-9A2B-33421E0B297C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\delta force\df.exe |"{00FD6BB9-932B-437F-9C7A-08287F2127DD}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |"{010D9412-4789-4267-99BC-1587B2F45288}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |"{0125028B-10DE-4B89-9F5B-C5422C91822E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\akfalcon\bloody good time\bgt.exe |"{0128F305-D4D1-4EF7-B8DF-929E620D5FE5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |"{013B3C14-AF8A-4768-AC93-ED1DC1445322}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\fable 3\fablelauncher.exe |"{0147B141-2EAA-42A5-BB26-EBEC7D336A1F}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bookworm adventures deluxe\bookwormadventures.exe |"{01505DEF-0C24-4D29-A718-412BCF2C979A}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\manhole\manhole.exe |"{017E0C3A-FD17-4DC2-A8B8-364A28C16F89}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\darkspore\darksporebin\darkspore.exe |"{0186E135-5ED2-4936-9630-4108BB5C3313}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\the wizards pen\wizardspen.exe |"{018B829E-6210-4AEF-8FC2-420EF1CF731D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |"{018F3C45-509F-42D8-BB74-80AE15BAA055}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\star wars empire at war\runme2.exe |"{019A258C-768A-47B8-A4EF-7ABDCF6E284C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\ultimate doom\ultimate + mouse.bat |"{01B9CAE5-154B-465D-A48E-B637ED89276E}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\tinytroopers\tinytroopers.exe |"{01BC54D7-5BAB-4421-BB3B-B6AB1C4F0025}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\vigil blood bitterness\vigil blood bitterness.exe |"{01C015E8-3B43-4C53-99A1-A3600CC0E95C}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\legendary\binaries\legendary.exe |"{01C5710D-AF3E-4431-B1E6-5C75856AB2D7}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\star wolves 3 civil war\sw3cw.exe |"{01CD15BC-AE9F-4F56-85CE-53AA4D1B829B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nexuiz\bin32\nexuiz.exe |"{01CF2122-0228-46CF-83C4-D15B1A77C505}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |"{01E44C91-66CA-47F5-8EEC-4AAB2DFF6476}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |"{01FC3E5E-EAEC-42AD-BF2A-09060AB79E08}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\a farewell to dragons\thegame.exe |"{0202956F-32AA-4A6C-A3C3-4E43969EA3E8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hammer heads deluxe\hammerheads.exe |"{0228F299-61C9-4B60-A823-7A24E4A3EB31}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\theatre of war\towsetup.exe |"{0236468F-BF75-4124-9480-18CBD8DAFD5D}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe |"{0237B926-C8B1-4D1E-AD40-6D65B624BD8D}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\lego lord of the rings\legolotr.exe |"{0238F018-6FEE-4FEE-BBE8-0B7B80DC1C07}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\two worlds ii\twoworlds2_dx10.exe |"{023D0D9E-BCD3-4E7A-9ABF-85432E00F133}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\analogue a hate story\analogue.exe |"{02411360-DEF1-4695-B89C-BB650988BF4A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\lego batman 2\legobatman2.exe |"{0244E41A-BB95-4F97-B092-08AF58DEBA2A}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\axel and pixel\ap.exe |"{02499D9F-BC36-42FC-8626-3B07C18D14E8}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\space channel 5 part 2\config.exe |"{0250A50B-2DC9-43CC-8D28-BFD28C9E7829}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\grotesque tactics\grotesquetactics.exe |"{02588A4F-4BE1-410E-8827-E9BAB5FF8B10}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tomb raider anniversary\tra.exe |"{025BD1E2-32A1-4CB7-A4A2-93FDE543DCD1}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\spacechem\spacechem.exe |"{025D22ED-89C0-45AD-888F-D19FB30F482E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dawn of magic ii\timeofshadows.exe |"{025F195D-6D25-49F8-8EBB-FD9D54660E5D}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\hitman 2 silent assassin\config.exe |"{0272926A-2B05-4C48-AFC5-48E5A8FDCD96}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\armed and dangerous\gamedata\game.exe |"{02824CE7-25B2-4920-B312-22F60E044EAE}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\nexuiz\bin32\nexuiz.exe |"{0298DD8A-D8D0-426F-A309-CF1278C54703}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\everyday shooter\everydayshooter.exe |"{02E3E0F4-E8D8-4C16-BC01-F6D90310B15D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |"{02F26D75-4098-49EA-984F-F4DE5DE5EA98}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\bit.trip beat\beat.exe |"{02FEBEB1-332F-4C46-85AC-C77B04C26C6F}" = protocol=6 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |"{03106B1B-F318-4D9B-9FCC-567BC0E57D65}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\lego batman\legobatman.exe |"{0311798B-892D-4C7C-9DEC-D5E5D49A3DAA}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\commandos behind enemy lines\comandos.exe |"{03160D26-FA5A-4EB3-BBEE-7E667E0507AE}" = protocol=17 | dir=in | app=e:\steam2\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |"{0325B6C6-DC00-4CEB-A518-D2E8659ED098}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |"{032A8ED8-358E-40B4-8F84-D7116D9ACFFE}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |"{032EFE39-BCA5-4674-8830-1C0BE958302C}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\roboblitz\binaries\robolaunch.exe |"{03533061-CBAC-4926-9D7C-3B5D81AAE3A6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dirt\dirt.exe |"{035351BC-5AF7-41DD-BCBA-BA80FC447326}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |"{03577FA2-3536-4AF5-AE8F-C715BFD28925}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\real warfare\engine.exe |"{036A6B0D-C001-4B1B-8EA5-9D9A89B33F64}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\xpand rally xtreme\readme.txt |"{036DB32E-3FE8-4566-90DB-182B864F6F78}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\insecticide part 1\game.exe |"{03720B23-33C9-4D4E-AF84-597C38CFCF48}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\titan quest immortal throne\tqit.exe |"{0373A49E-2205-4E57-870A-993E1A3A228B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\chrome specforce\specforce.exe |"{037A2310-FA73-49D2-808B-BD3B702EFA70}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\commandos beyond the call of duty\coman_mp.exe |"{0387E78C-E956-421D-9F2C-509B04549435}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tobe's vertical adventure\tobe's vertical adventure.exe |"{0388EF7A-37F8-42F5-B2A7-EFF459016935}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\world of goo\worldofgoo.exe |"{03928EDD-ACC2-4F2D-AFA8-262DB487FAEF}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\spellforce 2 - faith in destiny\spellforce2faithindestinyeditor.exe |"{0394C636-87F7-45FB-9AB0-68C4B8615A8D}" = protocol=17 | dir=in | app=e:\steam2\toki tori\tokitori.exe |"{03A0451E-8CB4-421B-BF3B-6D9C9E26A404}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\quake 3 arena\quake3.exe |"{03A69427-4AB4-4C53-A212-5C16C7E1E579}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\oddworld abes exoddus\exoddus.exe |"{03AC42E9-2B22-4BD6-B2E0-5579BD0027A3}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\elven legacy\elvenlegacy.exe |"{03AD48CA-37B4-49EB-AB49-9AA1E2CDDF77}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2editor.exe |"{03B2E27B-CC10-4F6C-ABE4-B1D9FF18F470}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\amazing adventures the lost tomb\amazingadventures.exe |"{03BDCC83-83F5-4C6A-B6CD-B449FE4CC0E3}" = protocol=17 | dir=in | app=e:\steam2\just cause\jcsetup.exe |"{03BEA459-B2A7-4BAE-B3E2-20E052C729E1}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe |"{03CF8CD1-0246-485C-A5F5-90299CC62BF9}" = protocol=6 | dir=in | app=f:\games\neverwinter\neverwinter_nw.1.20130416a.6.exe |"{03E48BAC-3103-4681-B7D3-5F81DA886897}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\thief_gold\thief.exe |"{03F35A82-81E2-4F3E-A292-1221B9BE7AAE}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\zen bound 2\zenbound2.exe |"{03F4A954-83D8-4499-AD3E-AF9BD370297F}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\airbuccaneers\abu.exe |"{03F64A4B-2C6C-4590-9DE5-2898175599B7}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\noitu love 2 devolution\config.exe |"{03FDD7B3-00BA-4DAC-B2AE-7DDDD50A6C97}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\darkstar one\darkstarone.exe |"{0402E3D5-8786-4DF9-857B-061FA6C50135}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\thief deadly shadows\system\runme.exe |"{0408D8A3-9A91-47CA-8E84-603CE04E9CEE}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\hydrophobia\hydropc.exe |"{043D88FF-3927-4E50-A673-4F7A3CD738C1}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\unreal tournament 2004\system\ut2004.exe |"{044DF6D2-C21A-4A03-AAE4-991D19E81EF6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |"{044FDBD7-9907-4F1D-A67B-731B466105C6}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\feeding frenzy 2 deluxe\feedingfrenzytwo.exe |"{04555269-BD36-4E74-B1FF-72F133AEA36D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{045B4BFF-EE3F-4FE3-8903-9CED8B2D1935}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\audiosurf\engine\questviewer.exe |"{04703B75-76B7-4F01-BF9C-38BA6A1A0C6E}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\hacker evolution untold\hacker evolution untold.exe |"{047FA04E-F91F-4F93-8F56-8F58FB79ABFB}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\ibomber defense pacific\ibomberdefensepacific.exe |"{048B93C5-0A9A-442D-8440-D969079819B2}" = protocol=17 | dir=in | app=e:\steam2\mlb 2k10\mlb2k10.exe |"{048B94A5-5A50-41FA-8D33-F357B72C9C5E}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\silverfall\mc_game_link.htm |"{048EABEB-878F-419C-A858-449DE34384DE}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\shadowgrounds survivor\survivor.exe |"{049327BC-9DF5-470E-BD1B-C4221ED87C72}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\terraria\terraria.exe |"{0496047D-D58B-40AA-AA42-18197DD070D1}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\bejeweled deluxe\winbej.exe |"{04A9CDA1-703C-4243-80B4-C6A2BFB5E46E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\chrome\chrome.exe |"{04AC5EC9-A1D1-440F-A500-A0EDAC0B1CFB}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\spellforce platinum edition\spellforce.exe |"{04BB03AD-93EF-4D88-A25F-A3378B8D47EA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\postal2complete\system\postal2.exe |"{04BF0FC6-3471-472F-8B32-85E8B8CBEAB4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |"{04CC71E5-3CBA-4A0B-B71F-8C657BC1642F}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\jade empire\jadeempirelauncher.exe |"{04DD8E3B-1A08-408A-9A3E-D2801604D92F}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hector ep 2\hector102.exe |"{04E95436-86E4-43DC-AF62-8378F0AD2A80}" = protocol=17 | dir=in | app=e:\steam2\alien swarm\srcds.exe |"{04E9A57F-CFDC-4982-BECE-AD85E5760833}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dynomite deluxe\dynomite.exe |"{04E9F33A-8A0A-4461-8B7F-1B661EAC5EB2}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\sam and max episode 6\sammax106.exe |"{04EEF876-C2EA-486C-9757-1202AA940738}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\serious sam 3\bin\sam3_dedicatedserver.exe |"{04FD444D-DEA8-4DDB-A144-B2105D9A26D4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\the path\pathviewer.exe |"{0503839E-D340-4D03-95A6-732BA73ED515}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\command and conquer red alert 3 uprising\ra3ep1.exe |"{051489A4-CDD4-48DA-8C68-4A1532F2EA8C}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\delta force 2\df2med.exe |"{052AE970-0067-4491-96B3-036DE9B9C9CF}" = protocol=6 | dir=in | app=e:\steam2\anomaly warzone earth\anomalywarzoneearth.exe |"{0535BBEC-20DB-44BA-A5E0-1A1CC724923D}" = protocol=6 | dir=in | app=e:\steam2\command and conquer red alert 3\support\ea help\electronic_arts_technical_support.htm |"{057356D7-EA9B-4D3D-A306-42F6A8F98623}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\ironclads anglo russian war 1866\config.exe |"{05986093-32C8-419D-8088-855B420E6010}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\steelstorm\steelstorm.exe |"{05A76F92-416F-4452-AA27-5A9A325519D5}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\themonsterslayer\distro\garshasp.exe |"{05C91B2B-CC9D-4F8F-B7C9-3342011C6FD5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe |"{05ECEB78-CD15-4131-9C08-37C9ACF1E4E6}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\lego harry potter\legoharrypotter.exe |"{0629D833-6A38-4E5E-B410-E805C1AFC5CB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deus ex\system\deusex.exe |"{064CC5B2-78DF-45B7-BE46-A546D9D3012A}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\rush\rush.exe |"{0662DD53-80E5-48CA-A442-2E83E2D5BE44}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |"{0664A415-E53A-4DB4-8252-CF8302CFBBB2}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\amazing adventures the lost tomb\amazingadventures.exe |"{067551D4-4C5D-42DB-BF42-32C74340F20A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\worms\runworms.bat |"{067DFF07-128D-491E-AFD3-688318266F44}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\rocket mania deluxe\rocketmania.exe |"{06905526-D9DC-4D65-B095-BAC39B308FA5}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\x2 - the threat\x2.exe |"{0694DEB3-DDEE-4C15-8A5A-97A842D92127}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\condemned criminal origins\condemned.exe |"{0699F921-8C5A-472A-BB92-582D9F2F963F}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\closure\closure.exe |"{06AA259A-4FDF-420A-BB20-C343DC2C5CF4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\avernum 4\avernum 4.exe |"{06C7B6E9-149C-421A-9F4D-F233161CF732}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\grand theft auto 2\gta2.exe |"{06D0794F-9C03-49BA-94D2-9B1648F37C1F}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\dreamfall the longest journey\dreamfall.exe |"{06F21304-2EF2-4397-A263-39214BC26CFA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\spellforce platinum edition\spellforce.exe |"{070BA519-4C3A-4ECD-8B3B-FA5401A49F8E}" = protocol=6 | dir=in | app=e:\steam2\command and conquer red alert 3\runme.exe |"{0712F834-537D-4083-8692-B55E938ED872}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |"{071E0FDD-D2C8-483E-A4DB-133C9203B838}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\your doodles are bugged!\yourdoodlesarebugged.exe |"{0720D1F2-4158-42E6-8E83-0DC191D51726}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\the guild ii\guildii.exe |"{0721004E-7D49-4AC3-ADAB-02CE22D2B80C}" = protocol=17 | dir=in | app=e:\steam2\x3 - reunion\x3_reunion_manual_steam_english.pdf |"{0725D051-610C-4A46-9B84-D829857C2CE6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\eschalon book 2\book_2.exe |"{0727574D-7577-4E61-B4F9-FC83AF64C389}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |"{072CE145-AB07-4747-80A9-0470A9DEC5DE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\prince of persia the warrior within\princeofpersia.exe |"{07386377-6DDC-4EDA-9916-456175BD50EB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\alien hallway\preloader.exe |"{07649481-423F-47E9-8744-1D76406B06B4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\vertex dispenser\vertex dispenser.exe |"{07822D56-5870-4C22-8FC2-330A9F6B574B}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\sonic and sega all stars racing\config.exe |"{07890CB0-A3ED-4782-B862-5868817713A3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\doom 3\doom3.exe |"{078C99D4-8B42-41A9-A73D-55A08D2F6DF1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\sonic and sega all stars racing\config.exe |"{07997F21-7FFF-40F1-A24B-59D83BCE2F93}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |"{079C945C-801D-4CFE-84B0-F22D9C99D239}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\overlord\config.exe |"{079D8268-4762-40AC-ADFC-04F418E39A96}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\joint operations typhoon rising\jointops.exe |"{07BFBE9C-BD2D-413E-BACF-138E451EAD91}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\quake 2\quake2.exe |"{07DAFBB2-448D-47F0-A04F-6FDCB3E233A6}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\commandos behind enemy lines\comandos.exe |"{07EA315C-138C-4C3A-BE57-59352FC81CE2}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\hearts of iron 3\hoi3game.exe |"{07EB4E7D-403D-4C4B-BCD2-05DF28AB56AB}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |"{07F5F149-995A-412C-B1FE-090DE63CD7E3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{0807616B-0C69-4858-A245-ADCF4F8B8BF8}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\saira\settings.exe |"{0812333B-2F87-47CE-BFA1-769298A638D9}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\quake 2\reckoning.bat |"{0813F71C-E2D2-4359-8B8D-369A1CA8D097}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\crash time ii\burningwheels.exe |"{082D0CE2-A175-408F-8FAD-54242944FD4C}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\red faction ii\red faction ii.exe |"{0830F7F4-C954-492B-AA45-28A7F0AB717B}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\diamond dan\dd.exe |"{0854AE1C-68CA-44B7-A410-2438D78A66D9}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hackslashloot\hackslashloot.exe |"{08660895-2AC5-4283-B2A9-D12C9E2E12C0}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\civcity rome\civcity rome.exe |"{08870BD6-002E-4485-A869-FF2812E1C049}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\rainbow six lockdown\lockdown.exe |"{08874F6D-3D3C-43F4-BD3B-74051D5F555D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\akfalcon\sin episodes emergence\sinepisodes.exe |"{088E8484-1927-4015-A9E4-2C8FF6F8A19C}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\talismania deluxe\talismania.exe |"{08D84014-215C-46A8-B078-5A522B5FD9DD}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\startrekdac\bin\startrekdac.exe |"{08E55B0A-B705-4570-AB08-D998A87C1909}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\dwarfs\dwarfs.exe |"{08ECE521-54AA-405C-8BA9-8E4958260388}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\x2 - the threat\x2.exe |"{08F632E7-4DB5-4549-88EA-67521FA8DF59}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\ben there, dan that!\winsetup.exe |"{090DFF26-9CEC-44AC-994B-5989271477DA}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\joint operations typhoon rising\jointops.exe |"{09133C25-D8E3-481A-BBA8-27B0212A3D0C}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\x3 terran conflict\x3ap.exe |"{091F43B5-E503-4901-A094-08B5E72FC83A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\stranger's wrath\launcher.exe |"{09265CE7-1DB5-4216-B774-51FF3E1F2939}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\aim racing\aimrace.exe |"{0927CEB0-3E6D-45D4-AB98-8A0ABA9C41FC}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\supreme commander\bin\supremecommander.exe |"{0939AABA-4CB4-4F0D-871F-E92C77F1045E}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\the first templar\tft.exe |"{093E9BD7-7DCA-4657-B66C-9B2A1F2FBFE3}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\escape rosecliff island\escaperosecliffisland.exe |"{09522A9C-2DC5-4DDC-A37E-BCDB34C815A9}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\riven\riven.exe |"{0955ADCB-8115-4BEF-A3FF-F5D69FAC5B8B}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\lugaru hd\lugaru.exe |"{095ADA34-3CF4-4B6B-991D-1709DD52CF2B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\star wars starfighter\starfighter.exe |"{0962B812-BC62-41F2-9D0C-C13053AE5FC3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\big money deluxe\winbm.exe |"{09714503-7531-4C10-8C45-3CA0FCDEDA51}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\theatre of war\builder.exe |"{097806F1-5731-4838-ABCE-3B0F7CF8C29C}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hoard\win32\reuben.exe |"{097D8066-12DB-4A6D-90DD-A3BF72067C0A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\port royale 2\pr2config.exe |"{0992D44D-1DA5-4B1C-9750-1486BC66120F}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |"{099E9AC1-CC8C-4D38-8D6A-5156A6F4E9D0}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\battlestations midway\options.exe |"{09B26244-AB30-4926-888C-489ED11C1BB3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\serious sam the random encounter\sstre.exe |"{09B2A625-83F8-4D93-AC84-757AEE0FCFDC}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\nyxquest kindred spirits\nyxquest.exe |"{09B37DA9-69B6-4FC5-BD7C-E87B4DE986D8}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\juiced 2 hot import nights\j2launcher.exe |"{09C0ACE2-0358-4B39-BD65-0CC7DBF51689}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\operation flashpoint dragon rising\mission editor\missioneditor.exe |"{09C8D82E-0C88-4F01-8ACD-83D60F4533DA}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\f-22 lightning 3\l3.exe |"{09CAFEC0-0041-4636-9BA6-85AFA8E9226D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\cloudberry test\run_game.bat |"{09D49C0F-7D24-488C-B937-5D022CF05E7D}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\arcadia\act.exe |"{09D9289C-B00B-43BB-8EC4-F946EC958DA5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\brothers in arms hells highway\binaries\biahh.exe |"{09F08F56-13F1-438D-9408-A7EC384E0FE3}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dreamkiller\localized_readme.exe |"{09FD4FF2-41CC-49A7-9C9D-2960CE3E9C81}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\shank 2\bin\shank2.exe |"{09FD7DE2-7DB2-40C0-B2D3-7BF3723E90F4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\stellar impact\stellarimpact.exe |"{0A03390C-E5F7-40A0-865E-2A8BBD238DB9}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |"{0A04CF60-CABA-4DBD-ADC0-C7AEBE87B61B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\ultimate doom\ultimate.bat |"{0A1CF613-005D-49D4-BB23-2BEF2B047DC9}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\doom 3 bfg edition\doom3bfg.exe |"{0A2627E7-F44E-4E82-8EDA-64FE7896033E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\towns\towns.exe |"{0A409698-60A8-4FFD-BC0C-B7508F8BDA4A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\crazy taxi\config.exe |"{0A432891-CD7D-4D78-B4BA-30C91BD4771E}" = protocol=6 | dir=in | app=i:\steam\steamapps\common\universe sandbox\universe sandbox.exe |"{0A50FB7B-02A4-451E-B9DF-DF3C5787DA82}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\divinity ii - dragon knight saga\bin\divinity2.exe |"{0A5B0904-B205-42E7-9F6A-8B61B71BC029}" = protocol=17 | dir=in | app=i:\steam\steamapps\common\port royale 2\pr2.exe | Link to post Share on other sites
Recommended Posts