Not sure if I cleaned everything out

poopadoop · December 11, 2013

Found a bitcoin miner trojan and now I'm nervous. Getting clean reports from malwarebytes now.

Here are the DDS log files:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.45.2

Run by middle3 at 1:18:57 on 2013-12-11

Microsoft® Windows 7 Eternity™ 2009 6.1.7600.0.1252.1.1033.18.8190.5037 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe

C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe

C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsgui.exe

C:\Windows\system32\hasplms.exe

C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

C:\Windows\system32\HPSIsvc.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\TrueCrypt\TrueCrypt.exe

C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\WUDFHost.exe

C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uURLSearchHooks: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - <orphaned>

uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>

mURLSearchHooks: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll

mWinlogon: Userinit = userinit.exe,

BHO: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: TVersitybar Toolbar: {66BD2442-241B-44CD-8C7A-B51037053CDB} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon

uRun: [F.lux] "C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\a102b0a6-59fb-4ba5-8ee8-09a617fcd9f9.exe /check

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

dRun: [Welcome Center] C:\Windows\System32\rundll32.exe C:\Windows\System32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut

StartupFolder: C:\Users\middle3\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:0

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-Explorer: NoResolveTrack = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoSMBalloonTip = dword:1

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{B3683E42-7BDE-4AFC-ADCE-74EFB90B0039} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BB18DC45-D884-4C04-A36C-4AA148E4C82F} : DHCPNameServer = 10.1.2.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath -

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-15 65776]

R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-15 205320]

R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-5-7 210016]

R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2013-5-7 141920]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-12-30 1032416]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-12-30 409832]

R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2013-1-10 91784]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-12-30 38984]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-12-30 84328]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-24 50344]

R2 CPCSScheduler;CPCSScheduler;C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe [2013-12-10 418376]

R2 CPCSService;CPCSService;C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe [2013-12-10 701512]

R2 hasplms;Sentinel LDK License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]

R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]

R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2012-1-1 126520]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-21 15125280]

R2 OctaneVPNSrvc;OctaneVPN Service;C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe [2013-9-20 822444]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-12-10 3921880]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-12-10 1042272]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-12-10 171416]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]

R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-31 3574624]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-30 46136]

R3 CPCSProtector;CPCSProtector;C:\Windows\System32\drivers\cpcs.sys [2013-12-10 25928]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-31 39200]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]

S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2012-7-3 29184]

S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2012-7-3 36352]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]

S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-11-9 12800]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-11-9 171008]

S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-10-30 47632]

S3 STTub30;USB Driver for Tube device v3.0.1.0;C:\Windows\System32\drivers\STTub30.sys [2012-2-23 44080]

S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

S4 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2012-9-27 3940144]

.

=============== Created Last 30 ================

.

2013-12-11 04:35:18 21040 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-12-11 04:35:12 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-12-10 19:00:53 -------- d-----w- C:\Users\middle3\AppData\Roaming\Glarysoft Giveaway

2013-12-10 18:59:35 -------- d-----w- C:\Users\middle3\AppData\Roaming\ChicaLogic

2013-12-10 18:59:30 -------- d-----w- C:\ProgramData\ChicaLogic

2013-12-10 18:59:29 25928 ----a-w- C:\Windows\System32\drivers\cpcs.sys

2013-12-10 18:59:29 -------- d-----w- C:\Program Files (x86)\ChicaLogic

2013-12-07 06:49:32 -------- d-----w- C:\ProgramData\PokerCoach

2013-12-07 06:46:59 -------- d-----w- C:\Program Files (x86)\PokerCoach

2013-12-07 06:31:02 210032 ----a-w- C:\Windows\SysWow64\DBCLIENT.DLL

2013-12-07 06:31:02 183808 ----a-w- C:\Windows\SysWow64\BDEADMIN.CPL

2013-12-07 06:31:02 -------- d-----w- C:\Program Files (x86)\Common Files\Borland Shared

2013-12-07 06:30:55 -------- d-----w- C:\Snowie Documents

2013-12-07 06:30:55 -------- d-----w- C:\Program Files (x86)\SnowieGroup

2013-11-29 16:41:23 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-29 16:41:23 -------- d-----w- C:\Program Files\iTunes

2013-11-29 16:41:23 -------- d-----w- C:\Program Files\iPod

2013-11-29 16:41:23 -------- d-----w- C:\Program Files (x86)\iTunes

2013-11-24 06:11:29 -------- d-----w- C:\Users\middle3\AppData\Roaming\AVAST Software

2013-11-20 00:17:33 -------- d-----w- C:\Users\middle3\AppData\Local\NVIDIA Corporation

2013-11-19 22:37:44 216064 ----a-w- C:\Windows\SysWow64\gcapi_dll.dll

2013-11-15 05:54:10 -------- d-----w- C:\Users\middle3\AppData\Local\webkit

2013-11-15 05:52:58 -------- d-----w- C:\Users\middle3\.kindle

2013-11-15 05:51:01 -------- d-----w- C:\Users\middle3\AppData\Local\Amazon

.

==================== Find3M ====================

.

2013-11-29 16:39:29 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-11-29 16:39:29 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-11-24 06:05:40 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-11-24 06:05:40 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-11-24 06:05:40 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-11-24 06:05:40 43152 ----a-w- C:\Windows\avastSS.scr

2013-11-24 06:05:40 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-11-24 06:05:40 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-11-08 20:47:40 1064224 ----a-w- C:\Windows\System32\nvspcap64.dll

2013-11-08 20:47:39 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll

2013-10-23 08:20:08 6669600 ----a-w- C:\Windows\System32\nvcpl.dll

2013-10-23 08:20:07 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-10-23 08:20:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-10-23 08:20:05 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-10-23 08:20:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-10-23 07:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2013-10-16 00:48:05 1884448 ----a-w- C:\Windows\System32\nvdispco6433158.dll

2013-10-16 00:48:05 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433158.dll

2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-09-27 23:01:44 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-09-27 23:01:38 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll

2013-09-27 23:01:38 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

.

============= FINISH: 1:19:13.16 ===============

attach.txt

kevinf80 · December 11, 2013

Hello and

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Next,

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Uncheck any elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review.
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted (if necessary):
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Kevin

poopadoop · December 11, 2013

Removed Utorrent as requested.

Log from AdwCleaner:

# AdwCleaner v3.015 - Report created 11/12/2013 at 11:00:15

# Updated 10/12/2013 by Xplode

# Operating System : Windows 7 Ultimate (64 bits)

# Username : middle3 - MIDDLE3-PC

# Running from : C:\Users\middle3\Downloads\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\vShare.tv plugin

Folder Deleted : C:\Program Files (x86)\TVersitybar

Folder Deleted : C:\Users\middle3\AppData\Local\TVersitybar

Folder Deleted : C:\Users\middle3\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\middle3\AppData\LocalLow\TVersitybar

Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\ConduitCommon

Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\CT2548838

Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\CT2818425

Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}

Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}

File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll

File Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

Key Deleted : HKCU\Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2548838

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5CCA33-B3B9-45C7-94B7-F5337B180DFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66BD2442-241B-44CD-8C7A-B51037053CDB}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66BD2442-241B-44CD-8C7A-B51037053CDB}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66BD2442-241B-44CD-8C7A-B51037053CDB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF5CCA33-B3B9-45C7-94B7-F5337B180DFA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA86949-9952-4379-B68A-436F1611B4CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79A4ED95-600A-4E38-9E9C-B7120FB3D266}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{66BD2442-241B-44CD-8C7A-B51037053CDB}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\FLEXnet

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKCU\Software\vShare.tv

Key Deleted : HKCU\Software\TVersitybar

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\TVersitybar

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\TVersitybar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVersitybar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476

-\\ Mozilla Firefox v25.0.1 (en-US)

-\\ Google Chrome v

[ File : C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [5564 octets] - [11/12/2013 10:57:17]

AdwCleaner[s0].txt - [5322 octets] - [11/12/2013 11:00:15]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5382 octets] ##########

kevinf80 · December 11, 2013

Have you also ran FRST?

poopadoop · December 11, 2013

Sorry, comp crashed. Here it is:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013 01

Ran by middle3 at 2013-12-11 11:10:21

Running from C:\Users\middle3\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)

5Dimes (x32 Version: 16.6)

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)

abgx360 v1.0.6 (x32)

Adobe AIR (x32 Version: 3.9.0.1030)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)

AMD Accelerated Video Transcoding (Version: 12.5.100.21219)

AMD APP SDK Runtime (Version: 10.0.1084.4)

AMD AVIVO64 Codecs (Version: 11.6.0.10728)

AMD Drag and Drop Transcoding (Version: 2.00.0000)

AMD Fuel (Version: 2012.1219.1521.27485)

AMD Media Foundation Decoders (Version: 1.0.71219.1540)

AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)

AmericasCardroom (x32 Version: 16.0)

And Yet It Moves (x32)

ANNO 2070 (x32 Version: 1.0.0.0)

Apple Application Support (x32 Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (x32 Version: 2.1.3.127)

Aquaria (x32)

ARMA 2 (x32)

Arma 2: DayZ Mod (x32)

ARMA 2: Operation Arrowhead (x32)

Arma 2: Operation Arrowhead Beta (x32)

Assassin's Creed ® III (x32 Version: 1.01)

Atom Zombie Smasher (x32)

avast! Free Antivirus (x32 Version: 9.0.2008)

Back to the Future: Ep 1 - It's About Time (x32)

Backgammon Snowie 4.7.1 (x32)

Batman Arkham City version 1.0 (x32 Version: 1.0)

BetDSI (x32 Version: 16.0)

BioShock (x32)

Bitcoin (HKCU Version: 0.8.1)

BlackChipPoker (x32 Version: 16.6)

BlackRoomPoker (HKCU Version: 03.43)

Blood Bowl: Chaos Edition (x32)

Bonjour (Version: 3.0.0.10)

Bookmaker (x32 Version: 16.6)

Bootstrapper (x32 Version: 1.1.2.0)

Borderlands 2 (x32)

Bovada Casino (x32 Version: )

BovadaPoker (x32 Version: )

Bulk Rename Utility 2.7.1.2

Cake Poker 2.0 (x32 Version: 2.0.1.6085)

CarbonPoker (HKCU Version: 5.0)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)

CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)

CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)

CCC Help Czech (x32 Version: 2012.1219.1520.27485)

CCC Help Danish (x32 Version: 2012.1219.1520.27485)

CCC Help Dutch (x32 Version: 2012.1219.1520.27485)

CCC Help English (x32 Version: 2012.1219.1520.27485)

CCC Help Finnish (x32 Version: 2012.1219.1520.27485)

CCC Help French (x32 Version: 2012.1219.1520.27485)

CCC Help German (x32 Version: 2012.1219.1520.27485)

CCC Help Greek (x32 Version: 2012.1219.1520.27485)

CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)

CCC Help Italian (x32 Version: 2012.1219.1520.27485)

CCC Help Japanese (x32 Version: 2012.1219.1520.27485)

CCC Help Korean (x32 Version: 2012.1219.1520.27485)

CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)

CCC Help Polish (x32 Version: 2012.1219.1520.27485)

CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)

CCC Help Russian (x32 Version: 2012.1219.1520.27485)

CCC Help Spanish (x32 Version: 2012.1219.1520.27485)

CCC Help Swedish (x32 Version: 2012.1219.1520.27485)

CCC Help Thai (x32 Version: 2012.1219.1520.27485)

CCC Help Turkish (x32 Version: 2012.1219.1520.27485)

ccc-utility64 (Version: 2012.1219.1521.27485)

CCleaner (Version: 4.08)

ChicaPC-Shield version 1.75.0.1300 (x32 Version: 1.75.0.1300)

CloudReading (x32 Version: 1.0.31.1111)

Cogs (x32)

Combonator version 1.73 (x32 Version: 1.73)

ComicRack v0.9.168 (Version: v0.9.168)

Command and Conquer: Red Alert 3 - Uprising (x32)

Company of Heroes (x32)

Crayon Physics Deluxe (x32)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Defraggler (Version: 2.15)

DiRT 3 (x32)

Dishonored (x32)

Dont Starve (x32 Version: v1.78078)

Doom 3 BFG Edition (x32)

Dropbox (HKCU Version: 2.4.6)

Duke Nukem 3D: Megaton Edition (x32)

DVD Shrink 3.2 (x32)

f.lux (HKCU)

Far Cry 3 (x32 Version: 1.01)

ffdshow [rev 3154] [2009-12-09] (x32 Version: 1.0)

FINAL FANTASY VII (x32 Version: 1.0)

FlashFXP v4.1 (x32 Version: 4.1.8.1701)

Foxit Reader (x32 Version: 6.1.1.1031)

GameFly (x32 Version: 1.2.106)

Garmin USB Drivers (x32 Version: 2.3.1.0)

Gas Guzzlers Combat Carnage (x32)

GeForce Experience NvStream Client Components (Version: 1.6.28)

GIMP 2.6.11 (x32 Version: 2.6.11)

Gish (x32)

Google Chrome (HKCU Version: 31.0.1650.63)

Google Drive (x32 Version: 1.12.5329.1887)

Google Earth Plug-in (x32 Version: 7.1.1.1888)

Google Update Helper (x32 Version: 1.3.22.3)

Gunpoint (x32 Version: 2.0.0.0)

H&R Block Deluxe + Efile + State 2011 (x32 Version: 11.05.7102)

H&R Block Michigan 2010 (x32 Version: 1.10.3201)

H&R Block Michigan 2011 (x32 Version: 1.11.5401)

H&R Block Michigan 2012 (x32 Version: 1.12.6001)

H&R Block Premium + Efile + State 2010 (x32 Version: 10.06.6402)

H&R Block Premium + Efile + State 2012 (x32 Version: 12.07.7803)

Hammerfight (x32)

Hard Reset (x32)

Hector: Ep 1 (x32)

Holdem Manager

HP LaserJet Professional M1130-M1210 MFP Series

HP LaserJet Professional M1210 MFP Series Fax Installer (Version: 1.1.0)

HP LaserJet Professional M1210 MFP Series Toolbox (Version: 1.0.12)

HP LaserJet Toolbox (Version: 2.0.0)

hppLaserJetService (x32 Version: 001.003.000145)

hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073)

hppusgM1130M1210Series (x32 Version: 1.0.0.2)

HPSSupply (x32 Version: 2.1.1.0000)

HydraVision (x32 Version: 4.2.210.0)

I Am Alive (x32 Version: 1.00.0)

ImgBurn (x32 Version: 2.5.6.0)

iTunes (Version: 11.1.3.8)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

JavaFX 2.1.1 (x32 Version: 2.1.1)

Jet Set Radio (x32)

Joe Danger (x32)

Joe Danger 2 The Movie (x32)

Juicy Stakes 2.0 (x32 Version: 2.0.1.6793)

Junk Mail filter update (x32 Version: 16.4.3505.0912)

Kindle Previewer (HKCU Version: 2.92)

Left 4 Dead (x32)

Left 4 Dead 2 (x32)

LG PC Suite (x32 Version: 5.2.11.20121025)

LG United Mobile Drivers (x32 Version: 3.8.1)

LibreOffice 3.4 (x32 Version: 3.4.402)

Lock Poker (x32 Version: 1.0.10466)

Lugaru HD (x32)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 130.0.374.000)

Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)

Microsoft .NET Framework 1.1 (x32)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Calculator Plus (x32 Version: 1.0.0)

Microsoft Excel 2010 (x32 Version: 14.0.7015.1000)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)

Microsoft Office 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Excel 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)

Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)

Minitab 16 (x32 Version: 16.2.4)

Minitab Software Update Manager (x32 Version: 1.1.0.0)

Minitab16 (x32 Version: 16.2.4.0)

Minitab16 (x32 Version: 16.2.4.4)

mkv2vob (x32 Version: 2.4.9)

Moffsoft FreeCalc (x32 Version: 1.1)

Movie Maker (x32 Version: 16.4.3505.0912)

Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)

Mozilla Maintenance Service (x32 Version: 24.1.1)

Mozilla Thunderbird 24.1.1 (x86 en-US) (x32 Version: 24.1.1)

MSVC80_x64_v2 (Version: 1.0.3.0)

MSVC80_x86_v2 (x32 Version: 1.0.3.0)

MSVC90_x64 (Version: 1.0.1.2)

MSVC90_x86 (x32 Version: 1.0.1.2)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSVCRT110 (x32 Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1109.0912)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)

Neverwinter (x32)

Nexus Mod Manager (Version: 0.19.0)

NirSoft RegScanner (x32)

Nokia Connectivity Cable Driver (x32 Version: 7.1.101.0)

Nokia Suite (x32 Version: 3.7.22.0)

NoLimits Coasters 1.6 (remove only) (x32)

NVIDIA 3D Vision Controller Driver 331.65 (Version: 331.65)

NVIDIA 3D Vision Driver 331.65 (Version: 331.65)

NVIDIA Control Panel 331.65 (Version: 331.65)

NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)

NVIDIA Graphics Driver 331.65 (Version: 331.65)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)

NVIDIA Update 9.3.21 (Version: 9.3.21)

NVIDIA Update Components (Version: 9.3.21)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

OctaneVPN v0.1.279 (gb69fb82) (x32 Version: 0.1.279)

OpenOffice 4.0.1 (x32 Version: 4.01.9714)

OSM generic routable (x32)

Paint.NET v3.5.11 (Version: 3.61.0)

PC Connectivity Solution (x32 Version: 12.0.76.0)

Pdf995 (installed by H&R Block) (x32)

PdfEdit995 (installed by H&R Block) (x32)

PeerBlock 1.1 (r518) (Version: 1.1.0.518)

Penumbra: Overture (x32)

Photo Gallery (x32 Version: 16.4.3505.0912)

Picasa 3 (x32 Version: 3.9)

Players Only (HKCU Version: 6.0)

PlayersOnly.com (x32 Version: 1.0.0 (20100514.142051))

PlayersOnly.com (x32 Version: 1.0.0)

PlayOn (x32 Version: 3.6.2)

Poker Night at the Inventory (x32)

PokerCoach (x32)

PostgreSQL 8.4 (x32 Version: 8.4)

PunkBuster Services (x32 Version: 0.991)

Pure Poker 2.0 (x32 Version: 2.0.1.6964)

Puzzle Agent (x32)

Puzzle Agent 2 (x32)

Python 2.7.3 (64-bit) (Version: 2.7.3150)

R for Windows 3.0.2 (Version: 3.0.2)

Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011)

Red Faction: Armageddon (x32)

Resident Evil: Operation Raccoon City (x32 Version: 1.0.0.0)

Rochard (x32)

Saints Row: The Third (x32)

Sam & Max 301: The Penal Zone (x32)

Sam & Max 302: The Tomb of Sammun-Mak (x32)

Sam & Max 303: They Stole Max's Brain! (x32)

Sam & Max 304: Beyond the Alley of the Dolls (x32)

Sam & Max 305: The City that Dares not Sleep (x32)

Samorost 2 (x32)

Scan To (Version: 2.0.1)

Scribblenauts Unlimited (x32)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)

Shadowrun Returns (x32)

SHIELD Streaming (Version: 1.6.53)

Sid Meier's Civilization V (x32)

SoftwareManager (x32 Version: 1.1.0.0)

SopCast 2.0.4 (x32 Version: 2.0.4)

Source SDK Base 2007 (x32)

SportsBetting.ag Poker 8.2 (x32 Version: 8.2.8.201207191530)

Spotify (HKCU Version: 0.8.1.51.g11500dd6)

Spybot - Search & Destroy (x32 Version: 2.2.25)

StatKing (x32 Version: 2.510000)

Steam (x32 Version: 1.0.0.0)

Steel Storm: Burning Retribution (x32)

Stellarium 0.12.0 (Version: 0.12.0)

StreamTorrent 1.0 (x32)

System Shock 2 (x32)

Team Fortress 2 (x32)

TeamViewer 8 (x32 Version: 8.0.18051)

The Banner Saga: Factions (x32)

The Elder Scrolls V Skyrim - High Resolution Texture Pack (x32)

The Walking Dead (x32)

Titan Quest (x32)

True Poker (x32 Version: 16.6)

TrueCrypt (x32 Version: 7.1)

TSEV Skyrim LE (x32 Version: 2.0.0.0)

TuneUp Utilities 2012 (x32 Version: 12.0.2160.13)

TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.2160.13)

TVersity Codec Pack 1.7 (x32 Version: 1.7)

TVersity Media Server 2.3 (x32 Version: 2.3)

Ubisoft Game Launcher (x32 Version: 1.0.0.0)

UBitMenu UK (x32 Version: 01.04)

Ultimate Poker (x32 Version: 3.0.4273)

Unity Web Player (HKCU Version: )

Update for 2007 Microsoft Office System (KB967642) (x32)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)

Update for Microsoft Office Access 2007 Help (KB963663) (x32)

Update for Microsoft Office Excel 2007 Help (KB963678) (x32)

Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)

Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)

Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)

Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)

Update for Microsoft Office Script Editor Help (KB963671) (x32)

Update for Microsoft Office Word 2007 Help (KB963665) (x32)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)

Uplay (x32 Version: 2.0)

Veetle TV (x32 Version: 0.9.19)

VLC media player 2.1.1 (x32 Version: 2.1.1)

vShare.tv plugin 1.3 (x32 Version: 1.3) <==== ATTENTION

VVVVVV (x32)

Warbirds 2012 (x32 Version: 4.00 r1)

Warhammer 40,000: Dawn of War - Game of the Year Edition (x32)

WinDirStat 1.1.2 (HKCU)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)

Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)

Windows Driver Package - STMicroelectronics (STTub30) USB (11/09/2009 3.0.1.0) (Version: 11/09/2009 3.0.1.0)

Windows Live Communications Platform (x32 Version: 16.4.3505.0912)

Windows Live Essentials (x32 Version: 16.4.3505.0912)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (x32 Version: 16.4.3505.0912)

Windows Live Mail (x32 Version: 16.4.3505.0912)

Windows Live MIME IFilter (Version: 16.4.3505.0912)

Windows Live Photo Common (x32 Version: 16.4.3505.0912)

Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)

Windows Live SOXE (x32 Version: 16.4.3505.0912)

Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)

Windows Live UX Platform (x32 Version: 16.4.3505.0912)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)

Windows Live Writer (x32 Version: 16.4.3505.0912)

Windows Live Writer Resources (x32 Version: 16.4.3505.0912)

Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

WinRAR 5.00 (64-bit) (Version: 5.00.0)

World of Goo (x32)

WSOP.com (x32)

XCOM: Enemy Unknown (x32)

Xilisoft DVD Ripper Platinum (x32 Version: 7.2.0.20120420)

Xilisoft DVD Ripper Platinum 6 (x32 Version: 6.5.2.0310)

Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777)

==================== Restore Points =========================

02-12-2013 17:38:53 Scheduled Checkpoint

10-12-2013 05:31:08 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-08-01 23:05 - 00000988 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 serial.alcohol-soft.com

127.0.0.1 www.alcohol-soft.com

127.0.0.1 images.alcohol-soft.com

127.0.0.1 trial.alcohol-soft.com

127.0.0.1 alcohol-soft.com

==================== Scheduled Tasks (whitelisted) =============

Task: {07F6FC3F-FCB3-4863-BA64-342F436C5137} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {1D41EA29-101B-462D-AFBB-00CBD6A929C5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {45FA362D-5340-44E5-86A7-5021CDFDE9C5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-24] (AVAST Software)

Task: {66C66884-8C03-40C8-B9DE-4B8F9F4ED5C4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: {74DF210E-619B-43B8-A328-E7E79A762B3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: {74ED6477-2B02-401D-BC87-906C1B095C7A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {8DBDBF27-8E97-4184-A1CC-D1794BF195A0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2011-12-14] (TuneUp Software)

Task: {97FB897E-8359-4C9E-B801-F2D581371339} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {999E3448-01EE-4DFC-AD09-1F8313E0FEC5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {B02CD6F5-853C-4912-9199-A05FB7E2405B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)

Task: {BFEEBC37-2304-4732-9731-14726E5B1D1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: {D4741A62-CD39-45F3-B528-48125F2B5A96} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)

Task: {E8C59240-3743-4226-AA6A-C9BECB7CC369} - System32\Tasks\Google Updater and Installer => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {F9B127F0-545A-4678-93CA-D1B4324539C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core.job => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA.job => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-11 10:47 - 2013-12-11 06:31 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121100\algo.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\middle3\AppData\Roaming\Dropbox\bin\libcef.dll

2013-11-24 01:05 - 2013-11-24 01:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-12-10 23:35 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2013-12-10 23:35 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2013-09-20 11:22 - 2012-10-27 09:21 - 00027648 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\servicemanager.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00110080 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\pywintypes27.dll

2013-09-20 11:22 - 2012-10-27 09:20 - 00042496 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32service.pyd

2013-09-20 11:22 - 2012-10-27 09:21 - 00098816 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32api.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00285184 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_hashlib.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00035840 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32process.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00108544 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32security.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00018432 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32event.pyd

2013-09-20 11:22 - 2012-10-27 09:21 - 00033792 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32evtlog.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00074240 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_ctypes.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00040960 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_socket.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00721920 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_ssl.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00119808 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32file.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00024064 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32pipe.pyd

2013-12-10 23:35 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2013-12-10 23:35 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2013-12-10 23:35 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 00702416 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 00099792 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll

2013-12-05 20:06 - 2013-12-03 21:48 - 04055504 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll

2013-12-05 20:06 - 2013-12-03 21:48 - 00399312 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 01619408 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Program Files (x86)\Cake Poker 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Juicy Stakes 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Lock Poker:MID

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (12/11/2013 11:05:55 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.