Jump to content

Not sure if I cleaned everything out


Recommended Posts

Found a bitcoin miner trojan and now I'm nervous.  Getting clean reports from malwarebytes now.

 

Here are the DDS log files:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 10.45.2
Run by middle3 at 1:18:57 on 2013-12-11
Microsoft® Windows 7 Eternity™ 2009   6.1.7600.0.1252.1.1033.18.8190.5037 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe
C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe
C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsgui.exe
C:\Windows\system32\hasplms.exe
C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - <orphaned>
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mURLSearchHooks: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll
mWinlogon: Userinit = userinit.exe,
BHO: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: TVersitybar Toolbar: {66BD2442-241B-44CD-8C7A-B51037053CDB} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
uRun: [F.lux] "C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\a102b0a6-59fb-4ba5-8ee8-09a617fcd9f9.exe /check
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
dRun: [Welcome Center] C:\Windows\System32\rundll32.exe C:\Windows\System32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
StartupFolder: C:\Users\middle3\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoSMBalloonTip = dword:1
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{B3683E42-7BDE-4AFC-ADCE-74EFB90B0039} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BB18DC45-D884-4C04-A36C-4AA148E4C82F} : DHCPNameServer = 10.1.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-15 205320]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-5-7 210016]
R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2013-5-7 141920]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-12-30 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-12-30 409832]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2013-1-10 91784]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-12-30 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-12-30 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-24 50344]
R2 CPCSScheduler;CPCSScheduler;C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe [2013-12-10 418376]
R2 CPCSService;CPCSService;C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe [2013-12-10 701512]
R2 hasplms;Sentinel LDK License Manager;C:\Windows\System32\hasplms.exe  -run --> C:\Windows\System32\hasplms.exe  -run [?]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-5-11 362296]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2012-1-1 126520]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-21 15125280]
R2 OctaneVPNSrvc;OctaneVPN Service;C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe [2013-9-20 822444]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-12-10 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-12-10 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-12-10 171416]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-31 3574624]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-30 46136]
R3 CPCSProtector;CPCSProtector;C:\Windows\System32\drivers\cpcs.sys [2013-12-10 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-31 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2012-7-3 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2012-7-3 36352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-11-9 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-11-9 171008]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-10-30 47632]
S3 STTub30;USB Driver for Tube device v3.0.1.0;C:\Windows\System32\drivers\STTub30.sys [2012-2-23 44080]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S4 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2012-9-27 3940144]
.
=============== Created Last 30 ================
.
2013-12-11 04:35:18 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-12-11 04:35:12 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-10 19:00:53 -------- d-----w- C:\Users\middle3\AppData\Roaming\Glarysoft Giveaway
2013-12-10 18:59:35 -------- d-----w- C:\Users\middle3\AppData\Roaming\ChicaLogic
2013-12-10 18:59:30 -------- d-----w- C:\ProgramData\ChicaLogic
2013-12-10 18:59:29 25928 ----a-w- C:\Windows\System32\drivers\cpcs.sys
2013-12-10 18:59:29 -------- d-----w- C:\Program Files (x86)\ChicaLogic
2013-12-07 06:49:32 -------- d-----w- C:\ProgramData\PokerCoach
2013-12-07 06:46:59 -------- d-----w- C:\Program Files (x86)\PokerCoach
2013-12-07 06:31:02 210032 ----a-w- C:\Windows\SysWow64\DBCLIENT.DLL
2013-12-07 06:31:02 183808 ----a-w- C:\Windows\SysWow64\BDEADMIN.CPL
2013-12-07 06:31:02 -------- d-----w- C:\Program Files (x86)\Common Files\Borland Shared
2013-12-07 06:30:55 -------- d-----w- C:\Snowie Documents
2013-12-07 06:30:55 -------- d-----w- C:\Program Files (x86)\SnowieGroup
2013-11-29 16:41:23 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-29 16:41:23 -------- d-----w- C:\Program Files\iTunes
2013-11-29 16:41:23 -------- d-----w- C:\Program Files\iPod
2013-11-29 16:41:23 -------- d-----w- C:\Program Files (x86)\iTunes
2013-11-24 06:11:29 -------- d-----w- C:\Users\middle3\AppData\Roaming\AVAST Software
2013-11-20 00:17:33 -------- d-----w- C:\Users\middle3\AppData\Local\NVIDIA Corporation
2013-11-19 22:37:44 216064 ----a-w- C:\Windows\SysWow64\gcapi_dll.dll
2013-11-15 05:54:10 -------- d-----w- C:\Users\middle3\AppData\Local\webkit
2013-11-15 05:52:58 -------- d-----w- C:\Users\middle3\.kindle
2013-11-15 05:51:01 -------- d-----w- C:\Users\middle3\AppData\Local\Amazon
.
==================== Find3M  ====================
.
2013-11-29 16:39:29 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:39:29 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-24 06:05:40 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-24 06:05:40 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-24 06:05:40 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-24 06:05:40 43152 ----a-w- C:\Windows\avastSS.scr
2013-11-24 06:05:40 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-24 06:05:40 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-08 20:47:40 1064224 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-11-08 20:47:39 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-10-23 08:20:08 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2013-10-23 08:20:07 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-10-23 08:20:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-10-23 08:20:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-10-23 08:20:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-10-23 07:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-16 00:48:05 1884448 ----a-w- C:\Windows\System32\nvdispco6433158.dll
2013-10-16 00:48:05 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433158.dll
2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-27 23:01:44 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-09-27 23:01:38 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-09-27 23:01:38 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
.
============= FINISH:  1:19:13.16 ===============
 
 
 

attach.txt

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin

Link to post
Share on other sites

Removed Utorrent as requested.

 

Log from AdwCleaner:

 

# AdwCleaner v3.015 - Report created 11/12/2013 at 11:00:15
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Ultimate  (64 bits)
# Username : middle3 - MIDDLE3-PC
# Running from : C:\Users\middle3\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\vShare.tv plugin
Folder Deleted : C:\Program Files (x86)\TVersitybar
Folder Deleted : C:\Users\middle3\AppData\Local\TVersitybar
Folder Deleted : C:\Users\middle3\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\middle3\AppData\LocalLow\TVersitybar
Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\ConduitCommon
Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\CT2548838
Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\CT2818425
Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}
Folder Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2548838
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5CCA33-B3B9-45C7-94B7-F5337B180DFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF5CCA33-B3B9-45C7-94B7-F5337B180DFA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA86949-9952-4379-B68A-436F1611B4CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79A4ED95-600A-4E38-9E9C-B7120FB3D266}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\TVersitybar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TVersitybar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\TVersitybar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVersitybar Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16476
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
-\\ Google Chrome v
 
[ File : C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [5564 octets] - [11/12/2013 10:57:17]
AdwCleaner[s0].txt - [5322 octets] - [11/12/2013 11:00:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5382 octets] ##########
Link to post
Share on other sites
Sorry, comp crashed.  Here it is:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013 01

Ran by middle3 at 2013-12-11 11:10:21

Running from C:\Users\middle3\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

 Update for Microsoft Office 2007 (KB2508958) (x32)

5Dimes (x32 Version: 16.6)

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)

abgx360 v1.0.6 (x32)

Adobe AIR (x32 Version: 3.9.0.1030)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)

AMD Accelerated Video Transcoding (Version: 12.5.100.21219)

AMD APP SDK Runtime (Version: 10.0.1084.4)

AMD AVIVO64 Codecs (Version: 11.6.0.10728)

AMD Drag and Drop Transcoding (Version: 2.00.0000)

AMD Fuel (Version: 2012.1219.1521.27485)

AMD Media Foundation Decoders (Version: 1.0.71219.1540)

AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)

AmericasCardroom (x32 Version: 16.0)

And Yet It Moves (x32)

ANNO 2070 (x32 Version: 1.0.0.0)

Apple Application Support (x32 Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (x32 Version: 2.1.3.127)

Aquaria (x32)

ARMA 2 (x32)

Arma 2: DayZ Mod (x32)

ARMA 2: Operation Arrowhead (x32)

Arma 2: Operation Arrowhead Beta (x32)

Assassin's Creed ® III (x32 Version: 1.01)

Atom Zombie Smasher  (x32)

avast! Free Antivirus (x32 Version: 9.0.2008)

Back to the Future: Ep 1 - It's About Time (x32)

Backgammon Snowie 4.7.1 (x32)

Batman Arkham City version 1.0 (x32 Version: 1.0)

BetDSI (x32 Version: 16.0)

BioShock (x32)

Bitcoin (HKCU Version: 0.8.1)

BlackChipPoker (x32 Version: 16.6)

BlackRoomPoker (HKCU Version: 03.43)

Blood Bowl: Chaos Edition (x32)

Bonjour (Version: 3.0.0.10)

Bookmaker (x32 Version: 16.6)

Bootstrapper (x32 Version: 1.1.2.0)

Borderlands 2 (x32)

Bovada Casino (x32 Version: )

BovadaPoker (x32 Version:  )

Bulk Rename Utility 2.7.1.2

Cake Poker 2.0 (x32 Version: 2.0.1.6085)

CarbonPoker (HKCU Version: 5.0)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)

CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)

CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)

CCC Help Czech (x32 Version: 2012.1219.1520.27485)

CCC Help Danish (x32 Version: 2012.1219.1520.27485)

CCC Help Dutch (x32 Version: 2012.1219.1520.27485)

CCC Help English (x32 Version: 2012.1219.1520.27485)

CCC Help Finnish (x32 Version: 2012.1219.1520.27485)

CCC Help French (x32 Version: 2012.1219.1520.27485)

CCC Help German (x32 Version: 2012.1219.1520.27485)

CCC Help Greek (x32 Version: 2012.1219.1520.27485)

CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)

CCC Help Italian (x32 Version: 2012.1219.1520.27485)

CCC Help Japanese (x32 Version: 2012.1219.1520.27485)

CCC Help Korean (x32 Version: 2012.1219.1520.27485)

CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)

CCC Help Polish (x32 Version: 2012.1219.1520.27485)

CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)

CCC Help Russian (x32 Version: 2012.1219.1520.27485)

CCC Help Spanish (x32 Version: 2012.1219.1520.27485)

CCC Help Swedish (x32 Version: 2012.1219.1520.27485)

CCC Help Thai (x32 Version: 2012.1219.1520.27485)

CCC Help Turkish (x32 Version: 2012.1219.1520.27485)

ccc-utility64 (Version: 2012.1219.1521.27485)

CCleaner (Version: 4.08)

ChicaPC-Shield version 1.75.0.1300 (x32 Version: 1.75.0.1300)

CloudReading (x32 Version: 1.0.31.1111)

Cogs (x32)

Combonator version 1.73 (x32 Version: 1.73)

ComicRack v0.9.168 (Version: v0.9.168)

Command and Conquer: Red Alert 3 - Uprising (x32)

Company of Heroes (x32)

Crayon Physics Deluxe (x32)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Defraggler (Version: 2.15)

DiRT 3 (x32)

Dishonored (x32)

Dont Starve (x32 Version: v1.78078)

Doom 3 BFG Edition (x32)

Dropbox (HKCU Version: 2.4.6)

Duke Nukem 3D: Megaton Edition (x32)

DVD Shrink 3.2 (x32)

f.lux (HKCU)

Far Cry 3 (x32 Version: 1.01)

ffdshow [rev 3154] [2009-12-09] (x32 Version: 1.0)

FINAL FANTASY VII (x32 Version: 1.0)

FlashFXP v4.1 (x32 Version: 4.1.8.1701)

Foxit Reader (x32 Version: 6.1.1.1031)

GameFly (x32 Version: 1.2.106)

Garmin USB Drivers (x32 Version: 2.3.1.0)

Gas Guzzlers Combat Carnage (x32)

GeForce Experience NvStream Client Components (Version: 1.6.28)

GIMP 2.6.11 (x32 Version: 2.6.11)

Gish (x32)

Google Chrome (HKCU Version: 31.0.1650.63)

Google Drive (x32 Version: 1.12.5329.1887)

Google Earth Plug-in (x32 Version: 7.1.1.1888)

Google Update Helper (x32 Version: 1.3.22.3)

Gunpoint (x32 Version: 2.0.0.0)

H&R Block Deluxe + Efile + State 2011 (x32 Version: 11.05.7102)

H&R Block Michigan 2010 (x32 Version: 1.10.3201)

H&R Block Michigan 2011 (x32 Version: 1.11.5401)

H&R Block Michigan 2012 (x32 Version: 1.12.6001)

H&R Block Premium + Efile + State 2010 (x32 Version: 10.06.6402)

H&R Block Premium + Efile + State 2012 (x32 Version: 12.07.7803)

Hammerfight (x32)

Hard Reset (x32)

Hector: Ep 1 (x32)

Holdem Manager

HP LaserJet Professional M1130-M1210 MFP Series

HP LaserJet Professional M1210 MFP Series Fax Installer (Version: 1.1.0)

HP LaserJet Professional M1210 MFP Series Toolbox (Version: 1.0.12)

HP LaserJet Toolbox (Version: 2.0.0)

hppLaserJetService (x32 Version: 001.003.000145)

hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073)

hppusgM1130M1210Series (x32 Version: 1.0.0.2)

HPSSupply (x32 Version: 2.1.1.0000)

HydraVision (x32 Version: 4.2.210.0)

I Am Alive (x32 Version: 1.00.0)

ImgBurn (x32 Version: 2.5.6.0)

iTunes (Version: 11.1.3.8)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

JavaFX 2.1.1 (x32 Version: 2.1.1)

Jet Set Radio (x32)

Joe Danger (x32)

Joe Danger 2 The Movie (x32)

Juicy Stakes 2.0 (x32 Version: 2.0.1.6793)

Junk Mail filter update (x32 Version: 16.4.3505.0912)

Kindle Previewer (HKCU Version: 2.92)

Left 4 Dead (x32)

Left 4 Dead 2 (x32)

LG PC Suite (x32 Version: 5.2.11.20121025)

LG United Mobile Drivers (x32 Version: 3.8.1)

LibreOffice 3.4 (x32 Version: 3.4.402)

Lock Poker (x32 Version: 1.0.10466)

Lugaru HD  (x32)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 130.0.374.000)

Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)

Microsoft .NET Framework 1.1 (x32)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Calculator Plus (x32 Version: 1.0.0)

Microsoft Excel 2010 (x32 Version: 14.0.7015.1000)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)

Microsoft Office 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Excel 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)

Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)

Minitab 16 (x32 Version: 16.2.4)

Minitab Software Update Manager (x32 Version: 1.1.0.0)

Minitab16 (x32 Version: 16.2.4.0)

Minitab16 (x32 Version: 16.2.4.4)

mkv2vob (x32 Version: 2.4.9)

Moffsoft FreeCalc (x32 Version: 1.1)

Movie Maker (x32 Version: 16.4.3505.0912)

Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)

Mozilla Maintenance Service (x32 Version: 24.1.1)

Mozilla Thunderbird 24.1.1 (x86 en-US) (x32 Version: 24.1.1)

MSVC80_x64_v2 (Version: 1.0.3.0)

MSVC80_x86_v2 (x32 Version: 1.0.3.0)

MSVC90_x64 (Version: 1.0.1.2)

MSVC90_x86 (x32 Version: 1.0.1.2)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSVCRT110 (x32 Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1109.0912)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)

Neverwinter (x32)

Nexus Mod Manager (Version: 0.19.0)

NirSoft RegScanner (x32)

Nokia Connectivity Cable Driver (x32 Version: 7.1.101.0)

Nokia Suite (x32 Version: 3.7.22.0)

NoLimits Coasters 1.6 (remove only) (x32)

NVIDIA 3D Vision Controller Driver 331.65 (Version: 331.65)

NVIDIA 3D Vision Driver 331.65 (Version: 331.65)

NVIDIA Control Panel 331.65 (Version: 331.65)

NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)

NVIDIA Graphics Driver 331.65 (Version: 331.65)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)

NVIDIA Update 9.3.21 (Version: 9.3.21)

NVIDIA Update Components (Version: 9.3.21)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

OctaneVPN v0.1.279 (gb69fb82) (x32 Version: 0.1.279)

OpenOffice 4.0.1 (x32 Version: 4.01.9714)

OSM generic routable (x32)

Paint.NET v3.5.11 (Version: 3.61.0)

PC Connectivity Solution (x32 Version: 12.0.76.0)

Pdf995 (installed by H&R Block) (x32)

PdfEdit995 (installed by H&R Block) (x32)

PeerBlock 1.1 (r518) (Version: 1.1.0.518)

Penumbra: Overture (x32)

Photo Gallery (x32 Version: 16.4.3505.0912)

Picasa 3 (x32 Version: 3.9)

Players Only (HKCU Version: 6.0)

PlayersOnly.com (x32 Version: 1.0.0 (20100514.142051))

PlayersOnly.com (x32 Version: 1.0.0)

PlayOn (x32 Version: 3.6.2)

Poker Night at the Inventory (x32)

PokerCoach (x32)

PostgreSQL 8.4 (x32 Version: 8.4)

PunkBuster Services (x32 Version: 0.991)

Pure Poker 2.0 (x32 Version: 2.0.1.6964)

Puzzle Agent (x32)

Puzzle Agent 2 (x32)

Python 2.7.3 (64-bit) (Version: 2.7.3150)

R for Windows 3.0.2 (Version: 3.0.2)

Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011)

Red Faction: Armageddon (x32)

Resident Evil: Operation Raccoon City (x32 Version: 1.0.0.0)

Rochard (x32)

Saints Row: The Third (x32)

Sam & Max 301: The Penal Zone (x32)

Sam & Max 302: The Tomb of Sammun-Mak (x32)

Sam & Max 303: They Stole Max's Brain! (x32)

Sam & Max 304: Beyond the Alley of the Dolls (x32)

Sam & Max 305: The City that Dares not Sleep (x32)

Samorost 2 (x32)

Scan To (Version: 2.0.1)

Scribblenauts Unlimited (x32)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)

Shadowrun Returns (x32)

SHIELD Streaming (Version: 1.6.53)

Sid Meier's Civilization V (x32)

SoftwareManager (x32 Version: 1.1.0.0)

SopCast 2.0.4 (x32 Version: 2.0.4)

Source SDK Base 2007 (x32)

SportsBetting.ag Poker 8.2 (x32 Version: 8.2.8.201207191530)

Spotify (HKCU Version: 0.8.1.51.g11500dd6)

Spybot - Search & Destroy (x32 Version: 2.2.25)

StatKing (x32 Version: 2.510000)

Steam (x32 Version: 1.0.0.0)

Steel Storm: Burning Retribution (x32)

Stellarium 0.12.0 (Version: 0.12.0)

StreamTorrent 1.0 (x32)

System Shock 2 (x32)

Team Fortress 2 (x32)

TeamViewer 8 (x32 Version: 8.0.18051)

The Banner Saga: Factions (x32)

The Elder Scrolls V Skyrim - High Resolution Texture Pack (x32)

The Walking Dead (x32)

Titan Quest (x32)

True Poker (x32 Version: 16.6)

TrueCrypt (x32 Version: 7.1)

TSEV Skyrim LE (x32 Version: 2.0.0.0)

TuneUp Utilities 2012 (x32 Version: 12.0.2160.13)

TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.2160.13)

TVersity Codec Pack 1.7 (x32 Version: 1.7)

TVersity Media Server 2.3 (x32 Version: 2.3)

Ubisoft Game Launcher (x32 Version: 1.0.0.0)

UBitMenu UK (x32 Version: 01.04)

Ultimate Poker (x32 Version: 3.0.4273)

Unity Web Player (HKCU Version: )

Update for 2007 Microsoft Office System (KB967642) (x32)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)

Update for Microsoft Office Access 2007 Help (KB963663) (x32)

Update for Microsoft Office Excel 2007 Help (KB963678) (x32)

Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)

Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)

Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)

Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)

Update for Microsoft Office Script Editor Help (KB963671) (x32)

Update for Microsoft Office Word 2007 Help (KB963665) (x32)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)

Uplay (x32 Version: 2.0)

Veetle TV (x32 Version: 0.9.19)

VLC media player 2.1.1 (x32 Version: 2.1.1)

vShare.tv plugin 1.3 (x32 Version: 1.3) <==== ATTENTION

VVVVVV (x32)

Warbirds 2012 (x32 Version: 4.00 r1)

Warhammer 40,000: Dawn of War - Game of the Year Edition (x32)

WinDirStat 1.1.2 (HKCU)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)

Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)

Windows Driver Package - STMicroelectronics (STTub30) USB  (11/09/2009 3.0.1.0) (Version: 11/09/2009 3.0.1.0)

Windows Live Communications Platform (x32 Version: 16.4.3505.0912)

Windows Live Essentials (x32 Version: 16.4.3505.0912)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (x32 Version: 16.4.3505.0912)

Windows Live Mail (x32 Version: 16.4.3505.0912)

Windows Live MIME IFilter (Version: 16.4.3505.0912)

Windows Live Photo Common (x32 Version: 16.4.3505.0912)

Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)

Windows Live SOXE (x32 Version: 16.4.3505.0912)

Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)

Windows Live UX Platform (x32 Version: 16.4.3505.0912)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)

Windows Live Writer (x32 Version: 16.4.3505.0912)

Windows Live Writer Resources (x32 Version: 16.4.3505.0912)

Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

WinRAR 5.00 (64-bit) (Version: 5.00.0)

World of Goo (x32)

WSOP.com (x32)

XCOM: Enemy Unknown (x32)

Xilisoft DVD Ripper Platinum (x32 Version: 7.2.0.20120420)

Xilisoft DVD Ripper Platinum 6 (x32 Version: 6.5.2.0310)

Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777)

 

==================== Restore Points  =========================

 

02-12-2013 17:38:53 Scheduled Checkpoint

10-12-2013 05:31:08 Scheduled Checkpoint

 

==================== Hosts content: ==========================

 

2009-07-13 21:34 - 2013-08-01 23:05 - 00000988 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 serial.alcohol-soft.com

127.0.0.1 www.alcohol-soft.com

127.0.0.1 images.alcohol-soft.com

127.0.0.1 trial.alcohol-soft.com

127.0.0.1 alcohol-soft.com

 

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {07F6FC3F-FCB3-4863-BA64-342F436C5137} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {1D41EA29-101B-462D-AFBB-00CBD6A929C5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {45FA362D-5340-44E5-86A7-5021CDFDE9C5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-24] (AVAST Software)

Task: {66C66884-8C03-40C8-B9DE-4B8F9F4ED5C4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: {74DF210E-619B-43B8-A328-E7E79A762B3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: {74ED6477-2B02-401D-BC87-906C1B095C7A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {8DBDBF27-8E97-4184-A1CC-D1794BF195A0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2011-12-14] (TuneUp Software)

Task: {97FB897E-8359-4C9E-B801-F2D581371339} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {999E3448-01EE-4DFC-AD09-1F8313E0FEC5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {B02CD6F5-853C-4912-9199-A05FB7E2405B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)

Task: {BFEEBC37-2304-4732-9731-14726E5B1D1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: {D4741A62-CD39-45F3-B528-48125F2B5A96} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)

Task: {E8C59240-3743-4226-AA6A-C9BECB7CC369} - System32\Tasks\Google Updater and Installer => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {F9B127F0-545A-4678-93CA-D1B4324539C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core.job => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA.job => C:\Users\middle3\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-12-11 10:47 - 2013-12-11 06:31 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121100\algo.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\middle3\AppData\Roaming\Dropbox\bin\libcef.dll

2013-11-24 01:05 - 2013-11-24 01:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-12-10 23:35 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2013-12-10 23:35 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2013-09-20 11:22 - 2012-10-27 09:21 - 00027648 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\servicemanager.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00110080 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\pywintypes27.dll

2013-09-20 11:22 - 2012-10-27 09:20 - 00042496 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32service.pyd

2013-09-20 11:22 - 2012-10-27 09:21 - 00098816 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32api.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00285184 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_hashlib.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00035840 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32process.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00108544 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32security.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00018432 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32event.pyd

2013-09-20 11:22 - 2012-10-27 09:21 - 00033792 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32evtlog.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00074240 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_ctypes.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00040960 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_socket.pyd

2013-09-20 11:22 - 2012-04-10 23:31 - 00721920 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\_ssl.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00119808 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32file.pyd

2013-09-20 11:22 - 2012-10-27 09:20 - 00024064 _____ () C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\win32pipe.pyd

2013-12-10 23:35 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2013-12-10 23:35 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2013-12-10 23:35 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 00702416 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 00099792 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll

2013-12-05 20:06 - 2013-12-03 21:48 - 04055504 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll

2013-12-05 20:06 - 2013-12-03 21:48 - 00399312 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

2013-12-05 20:06 - 2013-12-03 21:47 - 01619408 _____ () C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Program Files (x86)\Cake Poker 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Juicy Stakes 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Lock Poker:MID

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/11/2013 11:05:55 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/11/2013 10:54:04 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/11/2013 01:42:33 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/11/2013 01:00:17 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

Error: (12/11/2013 00:18:58 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/11/2013 00:15:14 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/10/2013 11:35:48 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/10/2013 11:34:57 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/10/2013 05:32:30 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

Error: (12/10/2013 05:31:16 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

 

 

System errors:

=============

Error: (12/11/2013 11:05:20 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk3\DR3.

 

Error: (12/11/2013 11:05:19 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk3\DR3.

 

Error: (12/11/2013 11:05:19 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk3\DR3.

 

Error: (12/11/2013 11:05:18 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk3\DR3.

 

Error: (12/11/2013 11:05:18 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk3\DR3.

 

Error: (12/11/2013 11:04:19 AM) (Source: Service Control Manager) (User: )

Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 

%%1053

 

Error: (12/11/2013 11:04:19 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

 

Error: (12/11/2013 11:03:17 AM) (Source: Service Control Manager) (User: )

Description: The AODDriver4.2 service failed to start due to the following error: 

%%2

 

Error: (12/11/2013 01:15:07 AM) (Source: Disk) (User: )

Description: The device, \Device\Harddisk2\DR2, is not ready for access yet.

 

Error: (12/11/2013 01:15:07 AM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort3.

 

 

Microsoft Office Sessions:

=========================

 

CodeIntegrity Errors:

===================================

  Date: 2013-10-20 21:23:46.882

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:46.412

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:46.325

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:46.235

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:46.150

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:45.887

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:45.800

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:45.258

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:45.166

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-10-20 21:23:44.895

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\uxtheme.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 34%

Total physical RAM: 8190.09 MB

Available physical RAM: 5348.52 MB

Total Pagefile: 16378.32 MB

Available Pagefile: 13161.7 MB

Total Virtual: 8192 MB

Available Virtual: 8191.75 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:931.41 GB) (Free:48.15 GB) NTFS

Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:29.38 GB) NTFS

Drive i: () (Removable) (Total:3.76 GB) (Free:0.01 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CA82A69D)

Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: 2BD2C32A)

Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

 

========================================================

Disk: 2 (Size: 932 GB) (Disk ID: 5A4B2E62)

Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

 

========================================================

Disk: 3 (Size: 4 GB) (Disk ID: 6F20736B)

No partition Table on disk 3.

Disk 3 is a removable device.

 

==================== End Of Log ============================

Link to post
Share on other sites
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01

Ran by middle3 (administrator) on MIDDLE3-PC on 11-12-2013 12:13:00

Running from C:\Users\middle3\Downloads

Windows Seven Black Edition (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(AMD) C:\Windows\System32\atieclxx.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe

(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe

(ChicaLogic) C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsgui.exe

(SafeNet Inc.) C:\Windows\System32\hasplms.exe

(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

(HP) C:\Windows\System32\HPSIsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(OctaneVPN) C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe

(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe

(Flux Software LLC) C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Dropbox, Inc.) C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKCU\...\Run: [TrueCrypt] - C:\Program Files\TrueCrypt\TrueCrypt.exe [1517520 2012-01-17] (TrueCrypt Foundation)

HKCU\...\Run: [] - [x]

HKCU\...\Run: [F.lux] - C:\Users\middle3\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)

MountPoints2: {396cf4ab-2562-11e2-9d3c-14dae9997931} - F:\LGAutoRun.exe

MountPoints2: {aeace810-56d0-11e3-a8ab-14dae9997931} - F:\HTC_Sync_Manager_PC.exe

MountPoints2: {b523d81e-3101-11e3-a39f-14dae9997931} - F:\HTC_Sync_Manager_PC.exe

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-24] (AVAST Software)

HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a102b0a6-59fb-4ba5-8ee8-09a617fcd9f9.exe [180184 2013-11-24] (AVAST Software)

HKLM-x32\...\Run: [sDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

Startup: C:\Users\middle3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\middle3\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

BootExecute: autocheck autochk /p \??\P:autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitsdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x157C54E747B5CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

URLSearchHook: HKCU - (No Name) - {7aeb3efd-e564-43f1-b658-5058a7c5743b} - No File

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

DPF: HKLM {8FEFF364-6A5F-4966-A917-A3AC28411659} http://download.easetuner.com/download/SOPCORE.CAB

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\middle3\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\middle3\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\middle3\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF Extension: EPUBReader - C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}

FF Extension: noscript - C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

FF Extension: Adblock Plus - C:\Users\middle3\AppData\Roaming\Mozilla\Firefox\Profiles\xvgmumcc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

 

Chrome: 

=======



CHR DefaultSearchKeyword: google.com

CHR DefaultSearchProvider: Google

CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}

CHR Plugin: (Shockwave Flash) - C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\middle3\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()

CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File

CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\middle3\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)

CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\middle3\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Google Update) - C:\Users\middle3\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Extension: (YouTube) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Honey) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.5.3_0

CHR Extension: (Add to Amazon Wish List) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0

CHR Extension: (Google Search) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (HTTPS Everywhere) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.10.16_0

CHR Extension: (Disconnect) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.10.2_0

CHR Extension: (Google Wallet) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\Users\middle3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM-x32\...\Chrome\Extension: [odnmefdnonkjkjnmmccgofnjlchlopdo] - C:\Users\middle3\AppData\Local\Temp\ccex.crx

CHR StartMenuInternet: Google Chrome - C:\Users\middle3\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-24] (AVAST Software)

R2 CPCSScheduler; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsscheduler.exe [418376 2013-04-04] (ChicaLogic)

R2 CPCSService; C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\cpcsservice.exe [701512 2013-04-04] (ChicaLogic)

R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)

R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)

S4 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [3940144 2013-04-15] (MediaMall Technologies, Inc.)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)

R2 OctaneVPNSrvc; C:\Program Files (x86)\OctaneVPN\resources\bin\win32\octanevpnsrvc\octanevpnsrvc.exe [822444 2013-11-05] (OctaneVPN)

S4 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-12-18] ()

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2123584 2011-12-14] (TuneUp Software)

S4 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1621800 2012-08-10] ()

 

==================== Drivers (Whitelisted) ====================

 

S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-13] ()

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-24] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-24] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-24] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-24] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-24] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-24] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-24] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-24] ()

S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] ()

R3 CPCSProtector; C:\Windows\system32\drivers\cpcs.sys [25928 2013-04-04] (ChicaLogic)

R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)

R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2010-04-29] (MediaMall Technologies, Inc.)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)

S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-01-01] ()

S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [44080 2011-12-20] (STMicroelectronics)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-12-12] (TuneUp Software)

R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-05-07] (Acronis)

U3 ahopzzqw; C:\Windows\System32\Drivers\ahopzzqw.sys [0 ] (Microsoft Corporation)

S3 cpuz135; \??\C:\Users\middle3\AppData\Local\Temp\HBCD\PCWizard\pcwiz_x64.sys [x]

S3 gwiopm; \??\C:\Users\middle3\AppData\Local\Temp\HBCD\gwiopm.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-12-11 11:21 - 2013-12-11 11:55 - 00000000 ____D C:\Users\middle3\Downloads\New folder

2013-12-11 11:10 - 2013-12-11 11:10 - 00044505 _____ C:\Users\middle3\Downloads\Addition.txt

2013-12-11 11:09 - 2013-12-11 12:13 - 00022888 _____ C:\Users\middle3\Downloads\FRST.txt

2013-12-11 11:09 - 2013-12-11 11:10 - 00051719 _____ C:\Users\middle3\Downloads\FRST first.txt

2013-12-11 11:09 - 2013-12-11 11:09 - 00000000 ____D C:\FRST

2013-12-11 11:08 - 2013-12-11 11:08 - 01928212 _____ (Farbar) C:\Users\middle3\Downloads\FRST64.exe

2013-12-11 11:02 - 2013-12-11 12:05 - 00000336 _____ C:\Windows\setupact.log

2013-12-11 11:02 - 2013-12-11 11:02 - 00000000 _____ C:\Windows\setuperr.log

2013-12-11 10:56 - 2013-12-11 11:00 - 00000000 ____D C:\AdwCleaner

2013-12-11 10:56 - 2013-12-11 10:56 - 01226802 _____ C:\Users\middle3\Downloads\AdwCleaner.exe

2013-12-11 01:08 - 2013-12-11 01:08 - 00688992 ____R (Swearware) C:\Users\middle3\Downloads\dds.com

2013-12-10 23:35 - 2013-12-10 23:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-12-10 23:35 - 2013-12-10 23:35 - 00001343 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2013-12-10 23:35 - 2013-12-10 23:35 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-12-10 23:35 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2013-12-10 23:25 - 2013-12-10 23:26 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\middle3\Downloads\spybot-2.2.exe

2013-12-10 19:07 - 2013-12-10 19:07 - 00003315 _____ C:\Users\middle3\Desktop\RKreport[0]_S_12102013_190701.txt

2013-12-10 19:00 - 2013-12-11 00:12 - 00000000 ____D C:\Users\middle3\Desktop\RK_Quarantine

2013-12-10 19:00 - 2013-12-10 19:00 - 04166144 _____ C:\Users\middle3\Downloads\RogueKillerX64.exe

2013-12-10 17:37 - 2013-12-10 18:21 - 854227484 ____R C:\Users\middle3\Downloads\UFC.Fight.For .The.Troops.3.Prelims.HDTV.x264-WYW.mp4

2013-12-10 17:33 - 2013-12-10 18:11 - 1082205646 ____R C:\Users\middle3\Downloads\UFC.Fight.Night.Hunt.vs.Bigfoot.Prelims.HDTV.x264-WYW.mp4

2013-12-10 14:00 - 2013-12-10 14:00 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Glarysoft Giveaway

2013-12-10 13:59 - 2013-12-10 13:59 - 09587376 _____ C:\Users\middle3\Downloads\ChicaPC-Shield v 1.75.0.1300.zip

2013-12-10 13:59 - 2013-12-10 13:59 - 00001134 _____ C:\Users\Public\Desktop\ChicaPC-Shield.lnk

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\Users\middle3\AppData\Roaming\ChicaLogic

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\ProgramData\ChicaLogic

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\Program Files (x86)\ChicaLogic

2013-12-10 13:59 - 2013-04-04 14:51 - 00025928 _____ (ChicaLogic) C:\Windows\system32\Drivers\cpcs.sys

2013-12-07 01:49 - 2013-12-07 01:49 - 00000000 ____D C:\ProgramData\PokerCoach

2013-12-07 01:47 - 2013-12-07 01:47 - 00001117 _____ C:\Users\middle3\Desktop\Poker Coach.lnk

2013-12-07 01:46 - 2013-12-07 01:47 - 00000000 ____D C:\Program Files (x86)\PokerCoach

2013-12-07 01:46 - 2013-12-07 01:46 - 00000000 ____D C:\Users\middle3\Documents\PokerCoach

2013-12-07 01:34 - 2013-12-07 01:34 - 06832656 _____ (Snowie Games Ltd                                            ) C:\Users\middle3\Downloads\PokerCoachSetup.exe

2013-12-07 01:31 - 2013-12-07 01:31 - 00001107 _____ C:\Users\middle3\Desktop\Backgammon Snowie.lnk

2013-12-07 01:31 - 1999-11-12 05:11 - 00183808 _____ C:\Windows\SysWOW64\BDEADMIN.CPL

2013-12-07 01:31 - 1999-01-20 05:01 - 00210032 _____ C:\Windows\SysWOW64\DBCLIENT.DLL

2013-12-07 01:30 - 2013-12-07 01:30 - 12367586 _____ (Snowie Games Limited                                        ) C:\Users\middle3\Downloads\Snowie Setup.exe

2013-12-07 01:30 - 2013-12-07 01:30 - 00000000 ____D C:\Program Files (x86)\SnowieGroup

2013-12-05 15:26 - 2013-12-10 19:23 - 1172102586 ____R C:\Users\middle3\Downloads\v7340 - Inna & Abbie_720.wmv

2013-12-02 16:17 - 2013-12-10 17:22 - 00010576 _____ C:\Users\middle3\Desktop\weights.ods

2013-11-29 11:42 - 2013-11-29 11:42 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files\iTunes

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files\iPod

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-11-29 11:37 - 2013-11-29 11:37 - 24489269 _____ C:\Users\middle3\Downloads\vlc-2.1.1-win32.exe

2013-11-29 11:25 - 2013-11-29 11:25 - 01970848 _____ C:\Users\middle3\Downloads\winrar-x64-500.exe

2013-11-25 16:57 - 2013-11-25 17:17 - 00000000 ____D C:\Users\middle3\Downloads\UFC.TUF.18.Finale.Gamblers.Pack-alienator13

2013-11-25 16:48 - 2013-11-25 23:15 - 00000000 ____D C:\Users\middle3\Desktop\18

2013-11-24 01:11 - 2013-11-24 01:11 - 00000000 ____D C:\Users\middle3\AppData\Roaming\AVAST Software

2013-11-24 01:06 - 2013-12-09 09:09 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-11-24 01:06 - 2013-11-24 01:06 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-11-20 15:30 - 2013-11-20 15:30 - 00048545 _____ C:\Users\middle3\Desktop\Vin# SHSRD78863U152717.html

2013-11-20 10:45 - 2013-11-20 10:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2013-11-19 21:11 - 2013-11-19 21:18 - 522727358 _____ C:\Users\middle3\Downloads\Family photos 2013.zip

2013-11-19 19:17 - 2013-11-19 19:17 - 00000000 ____D C:\Users\middle3\AppData\Local\NVIDIA Corporation

2013-11-19 18:56 - 2013-11-19 19:00 - 00098304 _____ C:\Users\middle3\Desktop\km_optimizer2.xls

2013-11-19 17:37 - 2013-11-19 17:37 - 00002014 _____ C:\Users\Public\Desktop\Foxit Reader.lnk

2013-11-19 17:37 - 2013-08-16 13:56 - 00216064 _____ C:\Windows\SysWOW64\gcapi_dll.dll

2013-11-19 15:39 - 2013-11-19 15:40 - 09099196 _____ C:\Users\middle3\Downloads\The Little Bit _.7z

2013-11-15 12:52 - 2013-11-15 13:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-15 00:54 - 2013-11-15 00:54 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Amazon

2013-11-15 00:54 - 2013-11-15 00:54 - 00000000 ____D C:\Users\middle3\AppData\Local\webkit

2013-11-15 00:52 - 2013-11-15 01:12 - 00000000 ____D C:\Users\middle3\.kindle

2013-11-15 00:51 - 2013-11-15 00:51 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-15 00:51 - 2013-11-15 00:51 - 00000000 ____D C:\Users\middle3\AppData\Local\Amazon

2013-11-15 00:49 - 2013-11-15 00:50 - 188328784 _____ C:\Users\middle3\Downloads\KindlePreviewerInstall.exe

2013-11-15 00:48 - 2013-11-15 00:48 - 00894600 _____ (CNET Download.com) C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706.exe

2013-11-15 00:48 - 2013-11-15 00:48 - 00894600 _____ (CNET Download.com) C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706 (1).exe

2013-11-15 00:43 - 2013-11-15 00:43 - 00000000 ____D C:\Users\middle3\Desktop\New folder (3)

2013-11-11 20:55 - 2013-10-28 21:24 - 00000000 ____D C:\Users\middle3\Downloads\swc_client-Windows v0.2.18

2013-11-11 20:26 - 2013-11-11 20:26 - 00010718 _____ C:\Users\middle3\Desktop\nfl push chart.odt

 

==================== One Month Modified Files and Folders =======

 

2013-12-11 12:13 - 2013-12-11 11:09 - 00022888 _____ C:\Users\middle3\Downloads\FRST.txt

2013-12-11 12:09 - 2012-08-08 20:55 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-11 12:06 - 2012-01-09 17:21 - 00000000 ___RD C:\Users\middle3\Dropbox

2013-12-11 12:06 - 2012-01-09 17:19 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Dropbox

2013-12-11 12:05 - 2013-12-11 11:02 - 00000336 _____ C:\Windows\setupact.log

2013-12-11 12:05 - 2013-09-20 11:23 - 00016877 _____ C:\vpnsrvc.log

2013-12-11 12:05 - 2012-08-08 20:55 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-11 12:05 - 2012-04-12 01:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-12-11 12:05 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-11 12:04 - 2013-02-22 00:38 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-11 12:00 - 2012-01-25 23:08 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-12-11 12:00 - 2012-01-12 13:10 - 01280838 _____ C:\Windows\WindowsUpdate.log

2013-12-11 11:55 - 2013-12-11 11:21 - 00000000 ____D C:\Users\middle3\Downloads\New folder

2013-12-11 11:46 - 2012-04-12 01:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-12-11 11:46 - 2012-04-12 01:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-12-11 11:46 - 2011-12-30 17:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-12-11 11:12 - 2009-07-13 23:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-11 11:12 - 2009-07-13 23:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-11 11:10 - 2013-12-11 11:10 - 00044505 _____ C:\Users\middle3\Downloads\Addition.txt

2013-12-11 11:10 - 2013-12-11 11:09 - 00051719 _____ C:\Users\middle3\Downloads\FRST first.txt

2013-12-11 11:09 - 2013-12-11 11:09 - 00000000 ____D C:\FRST

2013-12-11 11:08 - 2013-12-11 11:08 - 01928212 _____ (Farbar) C:\Users\middle3\Downloads\FRST64.exe

2013-12-11 11:04 - 2011-12-30 16:58 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA.job

2013-12-11 11:02 - 2013-12-11 11:02 - 00000000 _____ C:\Windows\setuperr.log

2013-12-11 11:00 - 2013-12-11 10:56 - 00000000 ____D C:\AdwCleaner

2013-12-11 10:56 - 2013-12-11 10:56 - 01226802 _____ C:\Users\middle3\Downloads\AdwCleaner.exe

2013-12-11 10:54 - 2012-10-31 14:36 - 00000000 ____D C:\Users\middle3\AppData\Roaming\uTorrent

2013-12-11 01:42 - 2011-11-17 03:26 - 00000000 ____D C:\Bovada

2013-12-11 01:19 - 2013-08-13 22:23 - 00019636 _____ C:\Users\middle3\Desktop\dds.txt

2013-12-11 01:19 - 2013-08-13 22:23 - 00017255 _____ C:\Users\middle3\Desktop\attach.txt

2013-12-11 01:08 - 2013-12-11 01:08 - 00688992 ____R (Swearware) C:\Users\middle3\Downloads\dds.com

2013-12-11 00:30 - 2012-01-16 12:42 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-12-11 00:25 - 2012-01-23 13:33 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Media Player Classic

2013-12-11 00:25 - 2012-01-02 00:47 - 00000000 ____D C:\Program Files (x86)\Steam

2013-12-11 00:20 - 2012-03-22 17:13 - 00000000 ____D C:\Windows\Minidump

2013-12-11 00:18 - 2011-12-30 17:01 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-12-11 00:18 - 2011-12-30 17:01 - 00000000 ____D C:\Program Files\CCleaner

2013-12-11 00:12 - 2013-12-10 19:00 - 00000000 ____D C:\Users\middle3\Desktop\RK_Quarantine

2013-12-10 23:37 - 2013-12-10 23:35 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-12-10 23:35 - 2013-12-10 23:35 - 00001343 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2013-12-10 23:35 - 2013-12-10 23:35 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-12-10 23:34 - 2012-01-16 12:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy

2013-12-10 23:26 - 2013-12-10 23:25 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\middle3\Downloads\spybot-2.2.exe

2013-12-10 23:04 - 2011-12-30 16:58 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core.job

2013-12-10 21:29 - 2012-10-31 14:34 - 00000000 ____D C:\Program Files\PeerBlock

2013-12-10 19:23 - 2013-12-05 15:26 - 1172102586 ____R C:\Users\middle3\Downloads\v7340 - Inna & Abbie_720.wmv

2013-12-10 19:11 - 2013-01-15 21:01 - 00000000 ____D C:\Users\middle3\AppData\Roaming\vlc

2013-12-10 19:07 - 2013-12-10 19:07 - 00003315 _____ C:\Users\middle3\Desktop\RKreport[0]_S_12102013_190701.txt

2013-12-10 19:00 - 2013-12-10 19:00 - 04166144 _____ C:\Users\middle3\Downloads\RogueKillerX64.exe

2013-12-10 19:00 - 2013-09-20 11:22 - 00000000 ____D C:\Users\middle3\AppData\Roaming\OctaneVPN

2013-12-10 18:21 - 2013-12-10 17:37 - 854227484 ____R C:\Users\middle3\Downloads\UFC.Fight.For .The.Troops.3.Prelims.HDTV.x264-WYW.mp4

2013-12-10 18:11 - 2013-12-10 17:33 - 1082205646 ____R C:\Users\middle3\Downloads\UFC.Fight.Night.Hunt.vs.Bigfoot.Prelims.HDTV.x264-WYW.mp4

2013-12-10 17:28 - 2013-07-22 12:24 - 00098816 _____ C:\Users\middle3\Desktop\km_optimizer.xls

2013-12-10 17:26 - 2012-08-16 01:52 - 00026948 _____ C:\Users\middle3\Desktop\health.ods

2013-12-10 17:22 - 2013-12-02 16:17 - 00010576 _____ C:\Users\middle3\Desktop\weights.ods

2013-12-10 14:00 - 2013-12-10 14:00 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Glarysoft Giveaway

2013-12-10 13:59 - 2013-12-10 13:59 - 09587376 _____ C:\Users\middle3\Downloads\ChicaPC-Shield v 1.75.0.1300.zip

2013-12-10 13:59 - 2013-12-10 13:59 - 00001134 _____ C:\Users\Public\Desktop\ChicaPC-Shield.lnk

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\Users\middle3\AppData\Roaming\ChicaLogic

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\ProgramData\ChicaLogic

2013-12-10 13:59 - 2013-12-10 13:59 - 00000000 ____D C:\Program Files (x86)\ChicaLogic

2013-12-10 11:43 - 2012-01-01 13:10 - 00267198 _____ C:\Users\middle3\Desktop\sports.ods

2013-12-09 13:04 - 2013-08-12 18:19 - 00049432 _____ C:\Users\middle3\Desktop\Old Kountermove data.ods

2013-12-09 09:09 - 2013-11-24 01:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-12-09 00:46 - 2012-01-01 11:57 - 00045532 _____ C:\Users\middle3\Desktop\2011wongs.ods

2013-12-07 15:15 - 2009-07-13 23:45 - 00450232 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-07 01:50 - 2011-12-30 13:39 - 00118832 _____ C:\Users\middle3\AppData\Local\GDIPFONTCACHEV1.DAT

2013-12-07 01:49 - 2013-12-07 01:49 - 00000000 ____D C:\ProgramData\PokerCoach

2013-12-07 01:47 - 2013-12-07 01:47 - 00001117 _____ C:\Users\middle3\Desktop\Poker Coach.lnk

2013-12-07 01:47 - 2013-12-07 01:46 - 00000000 ____D C:\Program Files (x86)\PokerCoach

2013-12-07 01:46 - 2013-12-07 01:46 - 00000000 ____D C:\Users\middle3\Documents\PokerCoach

2013-12-07 01:35 - 2012-03-14 01:13 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-12-07 01:34 - 2013-12-07 01:34 - 06832656 _____ (Snowie Games Ltd                                            ) C:\Users\middle3\Downloads\PokerCoachSetup.exe

2013-12-07 01:31 - 2013-12-07 01:31 - 00001107 _____ C:\Users\middle3\Desktop\Backgammon Snowie.lnk

2013-12-07 01:30 - 2013-12-07 01:30 - 12367586 _____ (Snowie Games Limited                                        ) C:\Users\middle3\Downloads\Snowie Setup.exe

2013-12-07 01:30 - 2013-12-07 01:30 - 00000000 ____D C:\Program Files (x86)\SnowieGroup

2013-12-05 20:06 - 2012-03-13 12:12 - 00002380 _____ C:\Users\middle3\Desktop\Google Chrome.lnk

2013-12-05 15:54 - 2011-11-17 04:39 - 00000000 ____D C:\Program Files (x86)\SABnzbd

2013-12-05 00:21 - 2009-07-14 00:13 - 00793234 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-02 18:24 - 2012-07-26 13:32 - 00000000 ____D C:\Program Files (x86)\PlayersOnly

2013-12-01 20:56 - 2013-04-24 17:45 - 00000000 ____D C:\Users\middle3\AppData\Local\eclipse

2013-12-01 10:04 - 2012-08-08 20:55 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-01 10:04 - 2012-08-08 20:55 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-11-29 14:22 - 2013-10-26 22:07 - 00030676 _____ C:\Users\middle3\Desktop\betowi.odt

2013-11-29 11:42 - 2013-11-29 11:42 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files\iTunes

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files\iPod

2013-11-29 11:41 - 2013-11-29 11:41 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-11-29 11:40 - 2012-04-09 11:30 - 00000000 ____D C:\Users\middle3\AppData\Local\Adobe

2013-11-29 11:38 - 2013-08-30 00:36 - 00001030 _____ C:\Users\Public\Desktop\VLC media player.lnk

2013-11-29 11:37 - 2013-11-29 11:37 - 24489269 _____ C:\Users\middle3\Downloads\vlc-2.1.1-win32.exe

2013-11-29 11:36 - 2013-04-24 13:33 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-11-29 11:36 - 2011-12-31 10:48 - 00000000 ____D C:\Program Files\WinRAR

2013-11-29 11:25 - 2013-11-29 11:25 - 01970848 _____ C:\Users\middle3\Downloads\winrar-x64-500.exe

2013-11-27 22:59 - 2011-12-30 16:58 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000UA

2013-11-27 22:59 - 2011-12-30 16:58 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1526527927-2342081291-3310083387-1000Core

2013-11-26 17:47 - 2012-03-23 00:27 - 00034766 _____ C:\Users\middle3\Desktop\uf 15.odt

2013-11-25 23:15 - 2013-11-25 16:48 - 00000000 ____D C:\Users\middle3\Desktop\18

2013-11-25 17:17 - 2013-11-25 16:57 - 00000000 ____D C:\Users\middle3\Downloads\UFC.TUF.18.Finale.Gamblers.Pack-alienator13

2013-11-24 20:47 - 2012-10-15 15:24 - 00023574 _____ C:\Users\middle3\Desktop\New OpenDocument Text (3).odt

2013-11-24 01:11 - 2013-11-24 01:11 - 00000000 ____D C:\Users\middle3\AppData\Roaming\AVAST Software

2013-11-24 01:06 - 2013-11-24 01:06 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-11-24 01:05 - 2013-03-15 17:12 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-11-24 01:05 - 2013-03-15 17:11 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-11-24 01:05 - 2012-03-24 01:08 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-11-24 01:05 - 2011-12-30 17:06 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-11-24 01:05 - 2011-12-30 17:06 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-11-24 01:05 - 2011-12-30 17:05 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-11-24 01:05 - 2011-12-30 17:05 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-11-24 01:05 - 2011-12-30 17:05 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-11-24 01:05 - 2011-12-30 17:05 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-11-24 01:05 - 2011-12-30 17:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-11-24 01:02 - 2011-12-30 17:05 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-11-24 01:02 - 2011-12-30 17:02 - 00000000 ____D C:\ProgramData\AVAST Software

2013-11-21 19:28 - 2012-05-03 18:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-11-21 13:41 - 2013-08-29 12:55 - 00000000 ____D C:\Users\middle3\Desktop\New folder (2)

2013-11-20 15:30 - 2013-11-20 15:30 - 00048545 _____ C:\Users\middle3\Desktop\Vin# SHSRD78863U152717.html

2013-11-20 10:46 - 2013-11-20 10:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2013-11-19 21:18 - 2013-11-19 21:11 - 522727358 _____ C:\Users\middle3\Downloads\Family photos 2013.zip

2013-11-19 19:17 - 2013-11-19 19:17 - 00000000 ____D C:\Users\middle3\AppData\Local\NVIDIA Corporation

2013-11-19 19:00 - 2013-11-19 18:56 - 00098304 _____ C:\Users\middle3\Desktop\km_optimizer2.xls

2013-11-19 17:37 - 2013-11-19 17:37 - 00002014 _____ C:\Users\Public\Desktop\Foxit Reader.lnk

2013-11-19 17:37 - 2012-01-16 14:22 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Foxit Software

2013-11-19 17:37 - 2012-01-05 11:54 - 00000000 ____D C:\Program Files (x86)\Foxit Software

2013-11-19 15:40 - 2013-11-19 15:39 - 09099196 _____ C:\Users\middle3\Downloads\The Little Bit _.7z

2013-11-17 13:50 - 2013-11-10 14:17 - 00016217 _____ C:\Users\middle3\Desktop\nascar.ods

2013-11-16 14:13 - 2012-02-25 11:08 - 00000000 ____D C:\Users\middle3\AppData\Local\Paint.NET

2013-11-15 14:57 - 2012-01-26 21:16 - 00000000 ____D C:\Program Files (x86)\Bovada Casino

2013-11-15 14:56 - 2012-01-16 14:33 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Bitcoin

2013-11-15 13:06 - 2013-11-15 12:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-15 01:12 - 2013-11-15 00:52 - 00000000 ____D C:\Users\middle3\.kindle

2013-11-15 00:54 - 2013-11-15 00:54 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Amazon

2013-11-15 00:54 - 2013-11-15 00:54 - 00000000 ____D C:\Users\middle3\AppData\Local\webkit

2013-11-15 00:52 - 2011-12-30 13:38 - 00000000 ____D C:\Users\middle3

2013-11-15 00:51 - 2013-11-15 00:51 - 00000000 ____D C:\Users\middle3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-15 00:51 - 2013-11-15 00:51 - 00000000 ____D C:\Users\middle3\AppData\Local\Amazon

2013-11-15 00:50 - 2013-11-15 00:49 - 188328784 _____ C:\Users\middle3\Downloads\KindlePreviewerInstall.exe

2013-11-15 00:48 - 2013-11-15 00:48 - 00894600 _____ (CNET Download.com) C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706.exe

2013-11-15 00:48 - 2013-11-15 00:48 - 00894600 _____ (CNET Download.com) C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706 (1).exe

2013-11-15 00:43 - 2013-11-15 00:43 - 00000000 ____D C:\Users\middle3\Desktop\New folder (3)

2013-11-13 23:24 - 2013-10-17 14:53 - 00014651 _____ C:\Users\middle3\Desktop\florida.odt

2013-11-13 13:56 - 2013-07-14 14:42 - 00000000 ____D C:\Windows\system32\MRT

2013-11-13 13:51 - 2011-12-30 17:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-11-11 21:07 - 2013-09-12 00:49 - 00000000 ____D C:\BlackChipPoker

2013-11-11 20:26 - 2013-11-11 20:26 - 00010718 _____ C:\Users\middle3\Desktop\nfl push chart.odt

 

Some content of TEMP:

====================

C:\Users\middle3\AppData\Local\Temp\Checkupdate.exe

C:\Users\middle3\AppData\Local\Temp\Foxit Reader Updater.exe

C:\Users\middle3\AppData\Local\Temp\gcapi_dll.dll

C:\Users\middle3\AppData\Local\Temp\gtapi_signed.dll

C:\Users\middle3\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-12-10 12:37

 

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post that log.

 

Next,

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply

 

Post produced logs...

 

Kevin

 

fixlist.txt

Link to post
Share on other sites
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2013

Ran by middle3 at 2013-12-11 22:06:22 Run:1

Running from C:\Users\middle3\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Start

U3 ahopzzqw; C:\Windows\System32\Drivers\ahopzzqw.sys [0 ] (Microsoft Corporation)

C:\Windows\System32\Drivers\ahopzzqw.sys

S3 gwiopm; \??\C:\Users\middle3\AppData\Local\Temp\HBCD\gwiopm.sys [x]

C:\Users\middle3\AppData\Local\Temp\HBCD\gwiopm.sys

C:\Users\middle3\AppData\Local\Temp\Checkupdate.exe

C:\Users\middle3\AppData\Local\Temp\Foxit Reader Updater.exe

C:\Users\middle3\AppData\Local\Temp\gcapi_dll.dll

C:\Users\middle3\AppData\Local\Temp\gtapi_signed.dll

C:\Users\middle3\AppData\Local\Temp\Quarantine.exe

2009-07-13 21:34 - 2013-08-01 23:05 - 00000988 ____A C:\Windows\system32\Drivers\etc\hosts

AlternateDataStreams: C:\Program Files (x86)\Cake Poker 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Juicy Stakes 2.0:MID

AlternateDataStreams: C:\Program Files (x86)\Lock Poker:MID

End

 

 

 

*****************

 

ahopzzqw => Service not found.

"C:\Windows\System32\Drivers\ahopzzqw.sys" => File/Directory not found.

gwiopm => Service deleted successfully.

"C:\Users\middle3\AppData\Local\Temp\HBCD\gwiopm.sys" => File/Directory not found.

C:\Users\middle3\AppData\Local\Temp\Checkupdate.exe => Moved successfully.

C:\Users\middle3\AppData\Local\Temp\Foxit Reader Updater.exe => Moved successfully.

C:\Users\middle3\AppData\Local\Temp\gcapi_dll.dll => Moved successfully.

C:\Users\middle3\AppData\Local\Temp\gtapi_signed.dll => Moved successfully.

C:\Users\middle3\AppData\Local\Temp\Quarantine.exe => Moved successfully.

C:\Windows\system32\Drivers\etc\hosts => Moved successfully.

C:\Program Files (x86)\Cake Poker 2.0 => ":MID" ADS removed successfully.

C:\Program Files (x86)\Juicy Stakes 2.0 => ":MID" ADS removed successfully.

C:\Program Files (x86)\Lock Poker => ":MID" ADS removed successfully.

 

==== End of Fixlog ====

Link to post
Share on other sites
C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\ldrtbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\ldrtbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\ldrtbTVer.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\prxtbTVe0.dll.vir Win32/Toolbar.Conduit.N application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\prxtbTVe1.dll.vir Win32/Toolbar.Conduit.N application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\prxtbTVer.dll.vir Win32/Toolbar.Conduit.O application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\tbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\tbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\TVersitybar\tbTVer.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\ldrtbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\ldrtbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\ldrtbTVer.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\tbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\tbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\Local\TVersitybar\tbTVer.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\ldrtbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\ldrtbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\ldrtbTVer.dll.vir a variant of Win32/Toolbar.Conduit.P application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\tbTVe0.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\tbTVe2.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\AdwCleaner\Quarantine\C\Users\middle3\AppData\LocalLow\TVersitybar\tbTVer.dll.vir a variant of Win32/Toolbar.Conduit.B application

C:\downloads\setup.exe Win32/RubyRoyal application

C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\rld.dll Win32/HackTool.Crack.BB application

C:\Program Files (x86)\uTorrent\uTorrent.exe a variant of Win32/Bunndle application

C:\televisiondownloads\dead island riptide\Dead Island Riptide (Pre-Cracked)\steam_api.dll a variant of Win32/HackTool.Crack.BQ application

C:\televisiondownloads\surgeon simulator\Surgeon_Simulator_2013_STEAM_RiP\ss2013.exe multiple threats

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\PortIO32.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\What.NET.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\PortIO32.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\What.NET.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\former f drive\Documents\Final Draft v7.1.1.19\Patch.exe a variant of Win32/HackTool.Patcher.A application

C:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\PortIO32.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\What.NET.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\PortIO32.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\What.NET.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\PortIO32.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\What.NET.exe a variant of MSIL/TrojanDropper.Agent.EH trojan

C:\Users\middle3\Documents\downloads\SetupImgBurn_2.5.1.0.exe multiple threats

C:\Users\middle3\Downloads\background_changer.exe multiple threats

C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706 (1).exe a variant of Win32/CNETInstaller.B application

C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706.exe a variant of Win32/CNETInstaller.B application

C:\Users\middle3\Downloads\GraboidVideoSetup-3.11.exe Win32/Graboid application

C:\Users\middle3\Downloads\Pick_up_Magazine_-_Issue_8_2013 via AnySend.exe Win32/AnySend.A application

C:\Users\middle3\Downloads\smbx13.exe Win32/OpenCandy application

C:\Users\middle3\Downloads\utorrent.exe a variant of Win32/Bunndle application
Link to post
Share on other sites

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :Filesipconfig /flushdns /cC:\downloads\setup.exeC:\Program Files (x86)\Square Enix\FINAL FANTASY VII\rld.dllC:\Program Files (x86)\uTorrentC:\televisiondownloads\dead island riptide\Dead Island Riptide (Pre-Cracked)\steam_api.dllC:\televisiondownloads\surgeon simulator\Surgeon_Simulator_2013_STEAM_RiP\ss2013.exeC:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\PortIO32.exeC:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\What.NET.exeC:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\PortIO32.exeC:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\What.NET.exeC:\Users\middle3\Desktop\Old f drive\former f drive\Documents\Final Draft v7.1.1.19\Patch.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\PortIO32.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\What.NET.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\PortIO32.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\What.NET.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\PortIO32.exeC:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\What.NET.exeC:\Users\middle3\Documents\downloads\SetupImgBurn_2.5.1.0.exeC:\Users\middle3\Downloads\background_changer.exeC:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706 (1).exeC:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706.exeC:\Users\middle3\Downloads\GraboidVideoSetup-3.11.exeC:\Users\middle3\Downloads\Pick_up_Magazine_-_Issue_8_2013 via AnySend.exeC:\Users\middle3\Downloads\smbx13.exeC:\Users\middle3\Downloads\utorrent.exe:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Post those logs, let me know if any remaining issues or concerns...

Link to post
Share on other sites
All processes killed

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\middle3\Downloads\cmd.bat deleted successfully.

C:\Users\middle3\Downloads\cmd.txt deleted successfully.

C:\downloads\setup.exe moved successfully.

DllUnregisterServer procedure not found in C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\rld.dll

C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\rld.dll moved successfully.

C:\Program Files (x86)\uTorrent folder moved successfully.

LoadLibrary failed for C:\televisiondownloads\dead island riptide\Dead Island Riptide (Pre-Cracked)\steam_api.dll

C:\televisiondownloads\dead island riptide\Dead Island Riptide (Pre-Cracked)\steam_api.dll moved successfully.

C:\televisiondownloads\surgeon simulator\Surgeon_Simulator_2013_STEAM_RiP\ss2013.exe moved successfully.

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\PortIO32.exe moved successfully.

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher v0.1.64 Beta\What.NET.exe moved successfully.

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\PortIO32.exe moved successfully.

C:\Users\middle3\Desktop\from left (new 2012)\xbox 360 mods\JungleFlasher.0.1.60.Beta\JungleFlasher v0.1.60 Beta\What.NET.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\former f drive\Documents\Final Draft v7.1.1.19\Patch.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\PortIO32.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\blue flash backup\aaron backup\JungleFlasher v0.1.64 Beta\What.NET.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\PortIO32.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\Flash Drive Backup\JungleFlasher v0.1.64 Beta\What.NET.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\PortIO32.exe moved successfully.

C:\Users\middle3\Desktop\Old f drive\from old middle drive\JungleFlasher v0.1.64 Beta\What.NET.exe moved successfully.

C:\Users\middle3\Documents\downloads\SetupImgBurn_2.5.1.0.exe moved successfully.

C:\Users\middle3\Downloads\background_changer.exe moved successfully.

C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706 (1).exe moved successfully.

C:\Users\middle3\Downloads\cbsidlm-cbsi134-EPUB_to_MOBI-SEO-75613706.exe moved successfully.

C:\Users\middle3\Downloads\GraboidVideoSetup-3.11.exe moved successfully.

C:\Users\middle3\Downloads\Pick_up_Magazine_-_Issue_8_2013 via AnySend.exe moved successfully.

C:\Users\middle3\Downloads\smbx13.exe moved successfully.

C:\Users\middle3\Downloads\utorrent.exe moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 57472 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: middle3

->Temp folder emptied: 11792661 bytes

->Temporary Internet Files folder emptied: 22175142 bytes

->Java cache emptied: 536093 bytes

->FireFox cache emptied: 189519709 bytes

->Google Chrome cache emptied: 368046757 bytes

->Flash cache emptied: 59922 bytes

 

User: postgres

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 57472 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 8408321 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66525078 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67496 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 636.00 mb

 

 

OTM by OldTimer - Version 3.1.21.0 log created on 12122013_172455

 

Files moved on Reboot...

C:\Users\middle3\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File C:\Windows\temp\_avast_\Webshlock.txt not found!

File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...
Link to post
Share on other sites
 Results of screen317's Security Check version 0.99.77  

 Windows 7  x64 (UAC is disabled!)  


 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Spybot - Search & Destroy 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 TuneUp Utilities 2012   

 TuneUp Utilities Language Pack (en-US) 

 NirSoft RegScanner    

 JavaFX 2.1.1    

 Java 7 Update 45  

 Adobe Flash Player 11.9.900.170  

 Mozilla Firefox (25.0.1) 

 Mozilla Thunderbird (24.2.0) 

 Google Chrome 31.0.1650.57  

 Google Chrome 31.0.1650.63  

 Google Chrome plugins...  

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 1% 

````````````````````End of Log`````````````````````` 
Link to post
Share on other sites

I appreciate all the help you've given me.

 

I am having a new problem that started since we began this process.  When I mount an encrypted drive with truecrypt, explorer gives me a blank window and says "Drive:X is not accessible."  When I try to access this mounted drive it takes a long time (2-3 minutes) in responding and gives me an error, "You need to format the drive before you can use it"  The drive has data on it.     Plus Windows Explorer seems to behave erratically as long as the drive is mounted.

 

This drive worked fine prior to doing all of this.  Is it possible we removed a driver along the way?  

Link to post
Share on other sites

We remove no entries related to TrueCrypt, can you re-install, does that make any difference... Also you have not installed Service Pack One (SP1) for your system, any reason for that...

 

Run the following:

 

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Doubleclick CKScanner.exe (Right click and "Run as administrator" in Vista/Win7).

Give permission if necessary, and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file saved. Please run the program once only.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Link to post
Share on other sites
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad

c:\downloads\crackleplugininstaller.exe

c:\program files\comicrack\changes.txt

c:\program files\comicrack\comicrack.engine.display.forms.dll

c:\program files\comicrack\comicrack.engine.dll

c:\program files\comicrack\comicrack.exe

c:\program files\comicrack\comicrack.exe.config

c:\program files\comicrack\comicrack.ini

c:\program files\comicrack\comicrack.plugins.dll

c:\program files\comicrack\comicrack.url

c:\program files\comicrack\cyo.common.dll

c:\program files\comicrack\cyo.common.presentation.dll

c:\program files\comicrack\cyo.common.windows.dll

c:\program files\comicrack\defaultlists.txt

c:\program files\comicrack\icsharpcode.sharpziplib.dll

c:\program files\comicrack\ironpython.dll

c:\program files\comicrack\ironpython.modules.dll

c:\program files\comicrack\license.txt

c:\program files\comicrack\microsoft.dynamic.dll

c:\program files\comicrack\microsoft.scripting.dll

c:\program files\comicrack\microsoft.scripting.metadata.dll

c:\program files\comicrack\microsoft.windowsapicodepack.dll

c:\program files\comicrack\microsoft.windowsapicodepack.shell.dll

c:\program files\comicrack\mysql.data.dll

c:\program files\comicrack\newstemplate.html

c:\program files\comicrack\readme.txt

c:\program files\comicrack\sharpcompress.dll

c:\program files\comicrack\sharppdf.dll

c:\program files\comicrack\tao.opengl.dll

c:\program files\comicrack\tao.platform.windows.dll

c:\program files\comicrack\uninst.exe

c:\program files\comicrack\windows7.multitouch.dll

c:\program files\comicrack\help\comicrack introduction.djvu

c:\program files\comicrack\help\comicrack introduction.djvu.xml

c:\program files\comicrack\help\comicrack online manual.ini

c:\program files\comicrack\help\comicrack wiki.ini

c:\program files\comicrack\help\readme.txt

c:\program files\comicrack\resources\7z.dll

c:\program files\comicrack\resources\7z.exe

c:\program files\comicrack\resources\7z64.dll

c:\program files\comicrack\resources\c44.exe

c:\program files\comicrack\resources\ddjvu.exe

c:\program files\comicrack\resources\djvm.exe

c:\program files\comicrack\resources\libdjvulibre.dll

c:\program files\comicrack\resources\libjpeg.dll

c:\program files\comicrack\resources\libtiff.dll

c:\program files\comicrack\resources\libz.dll

c:\program files\comicrack\resources\icons\ageratings.zip

c:\program files\comicrack\resources\icons\ageratings_australia.zip

c:\program files\comicrack\resources\icons\formats.zip

c:\program files\comicrack\resources\icons\publishers.zip

c:\program files\comicrack\resources\icons\special.zip

c:\program files\comicrack\scripts\autonumber.py

c:\program files\comicrack\scripts\commitproposed.py

c:\program files\comicrack\scripts\newcomics.py

c:\program files\comicrack\scripts\otherscripts.py

c:\program files\comicrack\scripts\package.ini

c:\program files\comicrack\scripts\sample.py

c:\program files\comicrack\scripts\sample.xml

c:\program files\comicrack\scripts\searchandreplace.py

c:\program files\r\r-3.0.2\library\survival\tests\data.cracks

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_d.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_n.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_d.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_m.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_n.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_s.dds

c:\program files (x86)\capcom\resident evil operation raccoon city\dlc\pack1\worlds\surfaces\decals\dec_concrete_cracks_01.matb

c:\program files (x86)\dont starve\data\inventoryimages\tallbirdegg_cracked.tex

c:\program files (x86)\dont starve\data\scripts\components\wisecracker.lua

c:\program files (x86)\gimp-2.0\share\gimp\2.0\patterns\cracked.pat

c:\program files (x86)\rvg software\holdem manager\keygenerateclasslibrary.dll

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\dead_man_switch\data\props\hive_floor_cementcracked01.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\dead_man_switch\data\props\hive_floor_cementcracked02.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\dead_man_switch\data\props\hive_floor_cementcracked03.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\dead_man_switch\data\props\hive_floor_cementcracked04.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\dead_man_switch\data\props\hive_floor_cementcracked05.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\office_decor_wallcrack01.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\office_ground_groundcrack01.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\office_ground_groundcrack02.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\pikeplace_ground_cracks01.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\pikeplace_ground_cracks02.pb.bytes

c:\program files (x86)\shadowrun returns\shadowrun_data\streamingassets\contentpacks\seattle\data\props\pikeplace_ground_cracks03.pb.bytes

c:\program files (x86)\steam\steamapps\common\aquaria\scripts\entities\energyorbcracked.lua

c:\program files (x86)\steam\steamapps\common\aquaria\sfx\local\licage-crack1.ogg

c:\program files (x86)\steam\steamapps\common\aquaria\sfx\local\licage-crack2.ogg

c:\program files (x86)\steam\steamapps\common\aquaria\_mods\guert_mod\tempo\energyorbcracked.lua

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack.snt

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack1.ogg

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack2.ogg

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack3.ogg

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack4.ogg

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_crack5.ogg

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_ice_crack.snt

c:\program files (x86)\steam\steamapps\common\penumbra overture\redist\sounds\ice_cave\ice_cave_ice_crack1.ogg

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concretecrack2.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concretecrack2.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concretecrack3.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concretecrack3.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack1.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack1.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack2.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack2.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack3.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack3.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack4.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack4.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack5.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete_large_crack5.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\floorcrack2.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\floorcrack2.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_01.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_01.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_03.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_03.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_04.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_04.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_05.vmt

c:\program files (x86)\steam\steamapps\sourcemods\bms\materials\decals\concrete\crack_05.vtf

c:\program files (x86)\steam\steamapps\sourcemods\bms\models\props_powerup\cinephys_wallcrack.dx80.vtx

c:\program files (x86)\steam\steamapps\sourcemods\bms\models\props_powerup\cinephys_wallcrack.dx90.vtx

c:\program files (x86)\steam\steamapps\sourcemods\bms\models\props_powerup\cinephys_wallcrack.mdl

c:\program files (x86)\steam\steamapps\sourcemods\bms\models\props_powerup\cinephys_wallcrack.sw.vtx

c:\program files (x86)\steam\steamapps\sourcemods\bms\models\props_powerup\cinephys_wallcrack.vvd

c:\televisiondownloads\books\james davies - cracked- why psychiatry is doing more harm than good (pdf).pdf

c:\televisiondownloads\books\margalit fox - the riddle of the labyrinth- the quest to crack an ancient code (epub).epub

c:\televisiondownloads\books\matt curtin - brute force- cracking the data encryption (pdf).pdf

c:\televisiondownloads\books\megan flint - [firecracker 01] - firecracker in heat [mf] (epub).epub

c:\televisiondownloads\books\megan flint - [firecracker 01] - firecracker in heat [mf] (mobi).mobi

c:\televisiondownloads\books\megan flint - [firecracker 02] - firecracker gone astray [mf] (epub).epub

c:\televisiondownloads\books\megan flint - [firecracker 02] - firecracker gone astray [mf] (mobi).mobi

c:\televisiondownloads\books\moira rogers - [last call 06] - firecracker [mf] (epub).epub

c:\televisiondownloads\books\moira rogers - [last call 06] - firecracker [mf] (mobi).mobi

c:\televisiondownloads\new folder\temp\comics\comicrack.ini

c:\users\middle3\desktop\blue drive backup\crack.zip

c:\users\middle3\desktop\games\minecraft.v1.2.5.cracked-p2p.rar

c:\users\middle3\desktop\games\duke\dnra\ra\ra_data\textures\textures\ra_cracked_dirt.dds

c:\users\middle3\desktop\games\duke\dukearmy3_15\dukearmy\graphics\firstperson\2324_crackknuckles.md2

c:\users\middle3\desktop\games\duke\nr-normal\fcrack01.voc

c:\users\middle3\desktop\games\minecraft.v1.2.5.cracked-p2p\minecraft.v1.2.5.cracked-p2p\read me.txt

c:\users\middle3\music\itunes\itunes media\music\compilations\death to the pixies (live)\2-14 crackity jones.m4a

c:\users\middle3\music\itunes\itunes media\music\faith no more\angel dust\11 crack hitler.m4a

c:\users\middle3\music\itunes\itunes media\music\stone temple pilots\core\11 crackerman.m4a

c:\_otm\movedfiles\12122013_172455\c_televisiondownloads\dead island riptide\dead island riptide (pre-cracked)\steam_api.dll

scanner sequence 3.ZZ.11.XENAMZ

 ----- EOF ----- 
Link to post
Share on other sites

Did you re-install TrueCrypt, did that make any difference?

 

Run the following;

 

Run the MGA Diagnostic Tool and post back the report it creates:

 

  •  

     

  • Download MGADiag from here: http://go.microsoft.com/fwlink/?linkid=52012 and save it to your desktop.

     

     

  • Double-click on MGADiag.exe to launch the program

     

     

  • Click "Continue"

     

     

  • Ensure that the "Windows" tab is selected (it should be by default).

     

     

  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.

     

     

  • Paste the MGA Diagnostic Report back here in your next reply.

     

     

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.