Infected, probably from a WMP x264 codec virus


Not sure, but a friend downloaded a fishy-looking codec a ways back and I've had avast blocking threats ever since, never getting rid of the problem though. :(

Help?

Thanks for your time.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by User at 15:35:04 on 2014-01-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16277.12696 [GMT -8:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [AdobeBridge] <no file>
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [CLMLServer] "c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{02726543-EDAE-43B7-851A-281FCF3BF10E} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{02726543-EDAE-43B7-851A-281FCF3BF10E}\3416666656022456E656027596C637869627560223 : DHCPNameServer = 206.13.29.12 192.168.1.254 192.168.0.249
TCP: Interfaces\{02726543-EDAE-43B7-851A-281FCF3BF10E}\B454437303 : DHCPNameServer = 192.168.1.1 68.238.64.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [CECAPLF] C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mysearchdial.hmpg - true

FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false


FF - user.js: extensions.mysearchdial.id - 2016D878D59AA0AA
FF - user.js: extensions.mysearchdial.instlDay - 16048
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.020:42:34
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd1103
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 920963865
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutBtDtCyC0DzzyBzz0DyDzy0A0AtD0A0AtN0D0Tzu0SyBtDzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
FF - user.js: extensions.irmysearch.aflt - irmsd1103
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 920963865
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutBtDtCyC0DzzyBzz0DyDzy0A0AtD0A0AtN0D0Tzu0SyBtDzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-4 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-4 207904]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-1-2 645952]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-1-2 27456]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-2 19264]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-11-19 32544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-8 55280]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-17 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-1-17 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-6-6 283200]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-17 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-20 50344]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-2 7168]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-1-2 161560]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-2 1370912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-30 15128352]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-2-18 35328]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\System32\Wacom_Tablet.exe [2013-1-23 6159656]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-11-10 5087584]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-2 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-3-28 27760]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-3-18 613688]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-9-12 196904]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-5-15 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-2 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-2 789824]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-2 39200]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2013-1-2 292968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-1-2 677480]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtwlane.sys [2013-1-2 1077864]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-3-28 2184816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-20 79672]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-1-17 1431888]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-3-18 14320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-7-21 121416]
S3 PPJoyBus;Parallel Port Joystick Bus Enumerator;C:\Windows\System32\drivers\PPJoyBus64.sys [2009-11-3 20032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-17 19456]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-17 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-17 30208]
S3 vjoy;vJoy Device;C:\Windows\System32\drivers\vjoy.sys [2013-9-15 15544]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2013-4-26 16384]
S3 vzandnetadb;ADB Interface DriverNet for VZW;C:\Windows\System32\drivers\lgvzandnetadb.sys [2013-10-30 31744]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;C:\Windows\System32\drivers\lgvzandnetdiag64.sys [2013-10-30 29696]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;C:\Windows\System32\drivers\lgvzandnetmdm64.sys [2013-10-30 36864]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgvzandnetndis64.sys [2013-10-30 94208]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-3-18 82416]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-3-18 15344]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-17 1255736]
.
=============== Created Last 30 ================
.
2014-01-20 23:21:23    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-20 23:03:56    --------    d-----w-    C:\Program Files (x86)\ESET
2014-01-20 19:04:09    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-01-20 19:03:43    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-20 19:01:13    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40236716-059B-41A4-B655-1CAB983068F0}\mpengine.dll
2014-01-20 18:39:24    --------    d-----w-    C:\Users\User\AppData\Local\Esdtion
2014-01-16 01:33:22    --------    d-----w-    C:\FRST
2014-01-16 01:16:13    --------    d-----w-    C:\AdwCleaner
2014-01-16 00:50:43    --------    d-----w-    C:\Users\User\AppData\Roaming\Malwarebytes
2014-01-16 00:50:21    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-16 00:50:21    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 00:49:09    --------    d-----w-    C:\MGADiagToolOutput
2014-01-15 23:54:09    --------    d-----w-    C:\Users\User\Doctor Web
2014-01-15 23:54:08    --------    d-----w-    C:\ProgramData\Doctor Web
.
==================== Find3M  ====================
.
2014-01-20 19:03:59    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-20 19:03:59    43152    ----a-w-    C:\Windows\avastSS.scr
2014-01-20 19:03:59    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-01-20 19:03:59    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-12-10 22:34:12    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 22:34:12    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-29 16:56:58    1096480    ----a-w-    C:\Windows\System32\nvspcap64.dll
2013-11-29 16:56:57    979744    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-19 11:33:38    267936    ----a-w-    C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-11 15:02:02    6674208    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-11-11 15:02:02    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-11-11 15:01:59    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-11-11 15:01:59    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2013-11-11 15:01:59    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-11-11 15:01:59    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-11-11 15:01:59    219424    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-11-11 15:01:59    1065248    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2013-11-11 15:01:58    3467927    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-10-30 17:03:12    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-10-30 17:02:58    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-10-30 17:02:56    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-28 03:30:44    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-10-23 10:30:23    1884448    ----a-w-    C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433165.dll
.
============= FINISH: 15:35:13.34 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/11/2013 9:21:19 AM
System Uptime: 1/20/2014 11:06:47 AM (4 hours ago)
.
Motherboard: CLEVO CO.                        |  | W251EFQ/W270EFQ                 
Processor: Intel® Core i7-3740QM CPU @ 2.70GHz | U29 | 2701/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 698 GiB total, 160.915 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP224: 1/9/2014 3:52:19 PM - avast! antivirus system restore point
RP225: 1/15/2014 3:03:36 PM - Windows Update
RP226: 1/16/2014 9:39:39 AM - Windows Update
RP227: 1/20/2014 10:40:07 AM - Restore Operation
RP228: 1/20/2014 10:53:53 AM - avast! antivirus system restore point
RP229: 1/20/2014 11:01:14 AM - Installed Java 7 Update 51
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Acoustica Effects Pack
Acoustica Mixcraft 5
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe After Effects CS6
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 Plugin
Adobe Flash Professional CS6
Adobe Help Manager
Adobe Illustrator CS5.1
Adobe Photoshop CS5.1
Adobe Reader XI (11.0.06)
Allegorithmic Substance BatchTools 1.x
Allegorithmic Substance Designer 3.x
AnyDVD
Apple Application Support
Apple Software Update
Audacity 2.0.3
Autodesk 3ds Max 2012 64-bit - English
Autodesk Backburner 2012.0.0
Autodesk DirectConnect 2.0
Autodesk DirectConnect 2012 64-bit
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk MatchMover 2012 64-bit
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Medium Resolution Image Library 2012
Autodesk Maya 2012 64-bit
AUTODESK MAYA V8.5
avast! Free Antivirus
Awesomenauts
Bastion
BisonCam
Bitmap Font Generator
Blender
Blood Bowl: Legendary Edition
Broken Sword: Shadow of the Templars - Director's Cut
CamStudio 2.7.2
Capsized
Castle Crashers
CCleaner
cgCharacter Mediview
ChiconyCam
Chivalry: Medieval Warfare
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CloudReading
Composite 2012 64-bit
CutePDF Writer 3.0
CyberLink Media Suite
CyberLink Power2Go
CyberLink PowerDVD 10
D-Fend Reloaded 1.3.5 (deinstall)
DAEMON Tools Lite
Dead Island
Dear Esther
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Digital Voice Editor 3
Don't Starve
Dota 2
Dropbox
Dungeons & Dragons: Chronicles of Mystara
DVD Flick 1.3.0.7
DVD43 Plug-in v1.0.0.6
Eets Munchies
English Country Tune
ESET Online Scanner v3
ETDWare PS/2-X64 10.5.2.0
FEZ
FileZilla Client 3.6.0.2
Flotilla
Foxit Reader
Fractal: Make Blooms Not War
Fraps (remove only)
FTL: Faster Than Light
Game of Thrones
GeForce Experience NvStream Client Components
Gone Home
Google Talk Plugin
Hack n Slash Prototype
Hammerwatch
HandBrake 0.9.8
headus UVLayout v2 Professional
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)
Hotkey 6.0030
Hotline Miami
ImgBurn
Incredipede
Intel® Control Center
Intel® Management Engine Components
Intel® OpenCL CPU Runtime
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Intrusion 2
Jamestown
Java 7 Update 45 (64-bit)
Java 7 Update 51
Java Auto Updater
Kentucky Route Zero
League of Legends
Legend of Dungeon
LG United Mobile Driver
LG Verizon United Driver
Little Inferno
Magicka
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Maya 8.5
Maya 8.5 Documentation (en_US)
McPixel
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.1
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mirror's Edge
Monaco
MotioninJoy Gamepad tool 0.7.1001
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MPK mini Editor
Multimedia Fusion 2
Natural Selection 2
Neverwinter
Notepad++
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.8
NVIDIA Graphics Driver 331.82
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.10.5
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.10.5
NVIDIA Update 10.10.5
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.12
Oil Rush
OpenAL
OpenOffice.org 3.4.1
Organ Trail: Director's Cut
Origin
Overlord
Pando Media Booster
Path of Exile
PDF Settings CS5
PDF Settings CS6
PeerBlock 1.1 (r518)
Penny Arcade's On the Rain-Slick Precipice of Darkness 3
Platform
Poker Night at the Inventory
Populous
Proteus
Python 3.3.1
QuickTime
RAW - Realms of Ancient War
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recettear: An Item Shop's Tale
RIFT
Rogue Legacy
Sacred 2 Gold
Scribblenauts Unlimited
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft .NET Framework 4.5 (KB2861208)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
SHIELD Streaming
Skype™ 6.1
Spacebase DF-9 Prototype
Spelunky
Starseed Pilgrim
Stealth Bastard Deluxe
Steam
Super Meat Boy
Team Fortress 2
TeamViewer 8
Terraria
The Bard's Tale
The Sims™ 3
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 Late Night
Thirty Flights of Loving
Thomas Was Alone
Ticket to Ride
Tiny and Big: Grandpa's Leftovers
TopoGun 2.00 W64 BETA1
TortoiseSVN 1.8.3.24901 (64 bit)
Trine
Trine 2
Unity
Unity Web Player
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB983403)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
USB Vibration Joystick
Ventrilo Client for Windows x64
VIA Platform Device Manager
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.7
VSO ConvertXtoDVD v5.0.0.45 FINAL
Wacom Tablet
Waking Mars
WebCam Installer
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
WebTablet IE Plugin
WebTablet Netscape Plugin
Worms Reloaded
ZBrush 4R5
ZBrush 4R6
Zip Motion Block Video codec (Remove Only)
.
==== Event Viewer Messages From Past Week ========
.
1/20/2014 11:16:55 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
1/20/2014 11:09:33 AM, Error: Service Control Manager [7000]  - The Hardlock service failed to start due to the following error:  Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
1/16/2014 9:46:08 AM, Error: Service Control Manager [7000]  - The Encrypting File System (EFS) service failed to start due to the following error:  The system cannot find the file specified.
1/15/2014 3:24:43 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
1/15/2014 3:24:13 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
1/15/2014 3:18:54 PM, Error: Service Control Manager [7034]  - The mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit service terminated unexpectedly.  It has done this 1 time(s).
1/15/2014 2:55:41 PM, Error: Service Control Manager [7031]  - The TeamViewer 8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.
.
==== End Of File ===========================
 


Hello ccbx4321! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on Tue 01/21/2014 at 18:28:23.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3314199
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{54678BB3-D71A-4F82-9EAF-6EF2CD141BAD}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"



~~~ FireFox

Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\vms82hdo.default-1380596108096\user.js
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\vms82hdo.default-1380596108096\prefs.js

user_pref("extensions.mysearchdial.aflt", "irmsd1103");
user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutBtDtCyC0DzzyBzz0DyDzy0A0AtD0A0AtN0D0Tzu0SyBtDzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
user_pref("extensions.mysearchdial.cr", "920963865");
user_pref("extensions.mysearchdial.dfltLng", "");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.dnsErr", true);
user_pref("extensions.mysearchdial.excTlbr", false);
user_pref("extensions.mysearchdial.hmpg", true);

user_pref("extensions.mysearchdial.id", "2016D878D59AA0AA");
user_pref("extensions.mysearchdial.instlDay", "16048");
user_pref("extensions.mysearchdial.instlRef", "");

user_pref("extensions.mysearchdial.prdct", "mysearchdial");
user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
user_pref("extensions.mysearchdial.tlbrId", "base");

user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
user_pref("extensions.mysearchdial_i.hmpg", true);
user_pref("extensions.mysearchdial_i.newTab", false);
user_pref("extensions.mysearchdial_i.smplGrp", "none");
user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.020:42:34");
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\vms82hdo.default-1380596108096\minidumps [19 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/21/2014 at 18:34:15.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


# AdwCleaner v3.017 - Report created 15/01/2014 at 17:19:44
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : User - CCB824321
# Running from : C:\Users\User\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\User\AppData\Local\Conduit
Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3314199
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\prefs.js ]

Line Deleted : user_pref("extensions.mysearchdial.aflt", "irmsd1103");
Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutBtDtCyC0DzzyBzz0DyDzy0A0AtD0A0AtN0D0Tzu0SyBtDzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
Line Deleted : user_pref("extensions.mysearchdial.cr", "920963865");
Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);

Line Deleted : user_pref("extensions.mysearchdial.id", "2016D878D59AA0AA");
Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16048");
Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");

Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");

Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.020:42:34");

*************************

AdwCleaner[R0].txt - [6060 octets] - [15/01/2014 17:17:46]
AdwCleaner[s0].txt - [5522 octets] - [15/01/2014 17:19:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5582 octets] ##########
# AdwCleaner v3.017 - Report created 21/01/2014 at 18:39:35
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : User - CCB824321
# Running from : C:\Users\User\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\prefs.js ]


*************************

AdwCleaner[R0].txt - [7846 octets] - [15/01/2014 17:17:46]
AdwCleaner[s0].txt - [7146 octets] - [15/01/2014 17:19:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7206 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
User :: CCB824321 [administrator]

1/21/2014 6:44:49 PM
mbam-log-2014-01-21 (18-44-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240035
Time elapsed: 5 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


Finished.  Says, "No threat found".

 

That's not very reassuring though, since I did a full scan a week or so ago and it said the same thing.  Then a few hours later, the avast shield was blocking the virus from automatically opening up firefox windows to weird sites.  So I clearly still had the virus after the scan.

 

It's a bit nasty, it seems to attach itself to legitimate programs and execute its code from there.  I had it run from a program my video card uses and then later from my laptop's camera software.  Very strange.

 

Though I admit I haven't seen any signs of it since you started helping me here so maybe one of the programs you had me run DID get it. Did you need another log or anything?  What do I do now?


In this case, let's run an additional scan:

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.exe icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

C:\Program Files\CamStudio 2.7\BunndleOfferManager.exe    a variant of Win32/Bunndle application    cleaned by deleting - quarantined
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSTAPH18\BiTool[1].dll    Win32/Somoto.B application    cleaned by deleting - quarantined
C:\Users\User\AppData\Roaming\Adobe\acupx217.dll    a variant of Win32/Kryptik.BTQK trojan    cleaned by deleting (after the next restart) - quarantined
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe    a variant of Win32/Kryptik.BTQK trojan    cleaned by deleting - quarantined
C:\Users\User\Downloads\FoxitReader611.1031_enu_Setup.exe    Win32/Bundled.Toolbar.Google.D application    cleaned by deleting - quarantined
C:\Users\User\Downloads\rcsetup148.exe    Win32/Bundled.Toolbar.Google.D application    cleaned by deleting - quarantined
Operating memory    a variant of Win32/Kryptik.BTQK trojan    contained infected files
 


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Here are the 2 files.  I've noticed avast catching Nvbackend.exe and Cecaplf.exe in the past (a video card related program and a Chicony web cam software).  These are just 2 I've spotted running some of what I think is the "malicious code", but I've also noticed it in other places; a Bing desktop tool or something like that as well.  Which is weird.

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by User (administrator) on CCB824321 on 26-01-2014 08:58:29
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2776360 2011-12-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer] - c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5025904 2012-02-12] (VIA)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] - c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [815512 2012-01-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-23] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-22] (Google Inc.)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-17] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Esdtion] - regsvr32.exe C:\Users\User\AppData\Local\Esdtion\AllWan.dll <===== ATTENTION
MountPoints2: F - F:\TL-Bootstrap.exe
MountPoints2: {69716b4b-7614-11e2-b037-2016d878d59a} - F:\TL-Bootstrap.exe
MountPoints2: {a4775a08-3b30-11e3-842a-2016d878d59a} - F:\VerizonSWUpgradeAssistantLauncher.exe
MountPoints2: {be0d16f9-cc04-11e2-9955-2016d878d59a} - E:\setup.exe
MountPoints2: {cf91d045-60fc-11e2-af05-2016d878d59a} - G:\Setup.exe
MountPoints2: {d34b0d65-bdd9-11e2-bdaa-2016d878d59a} - F:\TL-Bootstrap.exe
HKU\The Pwnicorn\...\Run: [AdobeBridge] - [x]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: MC Shared Search Scope - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\Extensions\{F671377A-7A8C-6634-134C-102331F87BA0} [2013-12-26]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vms82hdo.default-1380596108096\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-09]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-23] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-01-19] (Intel Corporation)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PowerBiosServer; c:\Program Files (x86)\Hotkey\PowerBiosServer.exe [35328 2011-02-18] ()
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6159656 2010-02-01] (Wacom Technology, Corp.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-09] (VIA Technologies, Inc.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [123840 2010-06-09] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [123840 2010-06-09] (SlySoft, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-23] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-03] (Deon van der Westhuysen)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1077864 2011-12-04] (Realtek Semiconductor Corporation                           )
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2013-04-18] (Headsoft)
S3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2013-04-18] (Headsoft)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2013-05-08] (Google Inc)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2013-05-06] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2013-07-06] (LG Electronics Inc.)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\DRIVERS\vpcuxd.sys 63F4E10873BEB4124028C6D1A66B0968
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\Drivers\lgvzandnetadb.sys 81C91EFA54A50231FCF38D96E1BF83B8
C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys 73E1B04E3F8A6EEC98B58637CAB24998
C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys 4C42D3454DFE2B485BAE2B2D079BB491
C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys E51D7F5902EB1899CDABDD6C55B84D8D
C:\Windows\System32\DRIVERS\wachidrouter.sys DA4512D642C1691A298FA757AB946DDE
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomrouterfilter.sys 056891AD9FB65EEE3A927C9FB5131FC7
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-26 08:57 - 2014-01-26 08:57 - 02078208 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-25 01:35 - 2014-01-25 01:51 - 00000942 _____ C:\Users\User\Desktop\esetScan.txt
2014-01-21 18:42 - 2014-01-21 18:39 - 00007314 _____ C:\Users\User\Desktop\AdwCleaner[s0].txt
2014-01-21 18:34 - 2014-01-21 18:34 - 00004930 _____ C:\Users\User\Desktop\JRT.txt
2014-01-21 18:28 - 2014-01-21 18:28 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 18:27 - 2014-01-21 18:27 - 01236282 _____ C:\Users\User\Downloads\AdwCleaner.exe
2014-01-21 18:27 - 2014-01-21 18:27 - 01037068 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-01-21 10:50 - 2014-01-21 11:00 - 1098684656 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnitySetup-4.3.3.exe
2014-01-20 15:30 - 2014-01-20 15:35 - 00027872 _____ C:\Users\User\Desktop\dds.txt
2014-01-20 15:30 - 2014-01-20 15:35 - 00014438 _____ C:\Users\User\Desktop\attach.txt
2014-01-20 15:21 - 2014-01-20 15:21 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-20 15:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-20 15:20 - 2014-01-20 15:20 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds.com
2014-01-20 15:19 - 2014-01-20 15:20 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 15:03 - 2014-01-20 15:03 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-01-20 15:03 - 2014-01-20 15:03 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 11:27 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-20 11:27 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-20 11:27 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-20 11:27 - 2013-11-26 02:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-20 11:04 - 2014-01-23 07:27 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-20 11:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-20 11:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 11:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-20 11:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-20 11:02 - 2014-01-20 11:03 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 10:39 - 2014-01-25 01:47 - 00000000 ____D C:\Users\User\AppData\Local\Esdtion
2014-01-15 17:38 - 2014-01-15 17:39 - 00059960 _____ C:\Users\User\Downloads\fixlist.txt
2014-01-15 17:33 - 2014-01-26 08:58 - 00040001 _____ C:\Users\User\Downloads\FRST.txt
2014-01-15 17:33 - 2014-01-15 17:39 - 00044444 _____ C:\Users\User\Downloads\Addition.txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00188336 _____ C:\Users\User\Downloads\Extras.Txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00120578 _____ C:\Users\User\Downloads\OTL.Txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00000000 ____D C:\FRST
2014-01-15 17:16 - 2014-01-21 18:39 - 00000000 ____D C:\AdwCleaner
2014-01-15 16:56 - 2014-01-20 10:38 - 00000000 ____D C:\Users\User\Desktop\malware crap
2014-01-15 16:50 - 2014-01-20 15:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-15 16:50 - 2014-01-15 16:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2014-01-15 16:50 - 2014-01-15 16:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 16:49 - 2014-01-15 16:49 - 00000000 ____D C:\MGADiagToolOutput
2014-01-15 16:48 - 2014-01-15 16:48 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2014-01-15 16:47 - 2014-01-20 10:50 - 00000000 ____D C:\Program Files (x86)\ERUNT
2014-01-15 15:54 - 2014-01-15 15:58 - 00000000 ____D C:\ProgramData\Doctor Web
2014-01-15 15:54 - 2014-01-15 15:54 - 00000000 ____D C:\Users\User\Doctor Web
2014-01-15 15:26 - 2014-01-15 15:26 - 00037964 _____ C:\ComboFix.txt
2014-01-15 15:16 - 2014-01-15 15:26 - 00000000 ____D C:\Qoobox
2014-01-15 15:15 - 2014-01-20 10:49 - 00000000 ____D C:\Windows\erdnt
2014-01-09 17:03 - 2014-01-09 17:03 - 00000000 ____D C:\Users\User\Documents\Reus

==================== One Month Modified Files and Folders =======

2014-01-26 08:58 - 2014-01-15 17:33 - 00040001 _____ C:\Users\User\Downloads\FRST.txt
2014-01-26 08:57 - 2014-01-26 08:57 - 02078208 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-01-26 08:57 - 2013-01-02 13:32 - 01662549 _____ C:\Windows\WindowsUpdate.log
2014-01-26 08:54 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 08:54 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 08:53 - 2009-07-13 21:13 - 00788182 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-26 08:52 - 2013-01-18 16:38 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2014-01-26 08:51 - 2013-02-22 17:04 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001UA.job
2014-01-26 08:50 - 2013-04-26 23:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 08:50 - 2013-02-22 17:04 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001Core.job
2014-01-26 08:50 - 2013-01-17 13:23 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-25 01:57 - 2013-01-17 15:29 - 00000000 ____D C:\Users\User\AppData\Local\PMB Files
2014-01-25 01:57 - 2013-01-17 15:28 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-25 01:55 - 2013-02-13 13:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2014-01-25 01:55 - 2013-01-25 10:39 - 00000000 ____D C:\Users\User\AppData\Local\TSVNCache
2014-01-25 01:54 - 2013-04-11 18:33 - 00026010 _____ C:\Windows\setupact.log
2014-01-25 01:53 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 01:51 - 2014-01-25 01:35 - 00000942 _____ C:\Users\User\Desktop\esetScan.txt
2014-01-25 01:47 - 2014-01-20 10:39 - 00000000 ____D C:\Users\User\AppData\Local\Esdtion
2014-01-25 01:16 - 2013-04-27 00:24 - 00000000 ____D C:\Users\User\Downloads\Win Xp Pro SP3 oem
2014-01-25 01:12 - 2013-06-26 23:34 - 00000000 ____D C:\Users\User\Downloads\uvlp20800
2014-01-25 01:01 - 2013-05-31 19:43 - 00000000 ____D C:\Users\User\Downloads\Acoustica Mixcraft v5.2 build 151+Patch
2014-01-25 00:44 - 2013-12-09 20:42 - 00000000 ____D C:\Program Files\CamStudio 2.7
2014-01-25 00:44 - 2013-01-11 09:21 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 20:21 - 2013-01-17 16:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2014-01-23 10:54 - 2013-01-21 01:43 - 00000000 ____D C:\ProgramData\Unity
2014-01-23 07:39 - 2013-02-13 13:18 - 00000000 ___RD C:\Users\User\Documents\Dropbox
2014-01-23 07:36 - 2013-04-26 16:17 - 00078566 _____ C:\Windows\PFRO.log
2014-01-23 07:27 - 2014-01-20 11:04 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-23 07:27 - 2013-10-21 07:30 - 00001973 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-23 07:27 - 2013-01-17 13:23 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-23 07:27 - 2013-01-17 13:23 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-23 07:27 - 2013-01-17 13:23 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-23 07:27 - 2013-01-17 13:23 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-23 07:27 - 2013-01-17 13:19 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-22 07:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-21 18:40 - 2013-01-21 01:42 - 00000000 ____D C:\Users\User\AppData\Local\Unity
2014-01-21 18:39 - 2014-01-21 18:42 - 00007314 _____ C:\Users\User\Desktop\AdwCleaner[s0].txt
2014-01-21 18:39 - 2014-01-15 17:16 - 00000000 ____D C:\AdwCleaner
2014-01-21 18:34 - 2014-01-21 18:34 - 00004930 _____ C:\Users\User\Desktop\JRT.txt
2014-01-21 18:28 - 2014-01-21 18:28 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 18:27 - 2014-01-21 18:27 - 01236282 _____ C:\Users\User\Downloads\AdwCleaner.exe
2014-01-21 18:27 - 2014-01-21 18:27 - 01037068 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-01-21 11:09 - 2013-01-21 01:40 - 00000000 ____D C:\Program Files (x86)\Unity
2014-01-21 11:08 - 2013-01-21 01:42 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2014-01-21 11:06 - 2013-01-21 01:42 - 00001127 _____ C:\Users\Public\Desktop\Unity.lnk
2014-01-21 11:00 - 2014-01-21 10:50 - 1098684656 _____ (Unity Technologies ApS) C:\Users\User\Downloads\UnitySetup-4.3.3.exe
2014-01-21 05:19 - 2013-01-17 13:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2014-01-20 19:22 - 2009-07-13 20:45 - 05096448 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-20 18:35 - 2013-08-15 10:24 - 00000000 ____D C:\Windows\system32\MRT
2014-01-20 18:34 - 2013-01-17 13:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-20 15:35 - 2014-01-20 15:30 - 00027872 _____ C:\Users\User\Desktop\dds.txt
2014-01-20 15:35 - 2014-01-20 15:30 - 00014438 _____ C:\Users\User\Desktop\attach.txt
2014-01-20 15:21 - 2014-01-20 15:21 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-20 15:21 - 2014-01-15 16:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 15:20 - 2014-01-20 15:20 - 00688992 ____R (Swearware) C:\Users\User\Desktop\dds.com
2014-01-20 15:20 - 2014-01-20 15:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 15:03 - 2014-01-20 15:03 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-01-20 15:03 - 2014-01-20 15:03 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 11:04 - 2013-10-16 10:45 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 11:03 - 2014-01-20 11:02 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 11:03 - 2013-03-04 19:04 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-20 11:03 - 2013-03-04 18:21 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-20 10:58 - 2013-02-13 13:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-20 10:58 - 2013-01-17 13:23 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1390244415
2014-01-20 10:50 - 2014-01-15 16:47 - 00000000 ____D C:\Program Files (x86)\ERUNT
2014-01-20 10:50 - 2013-12-19 22:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-20 10:50 - 2013-11-19 11:05 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-20 10:50 - 2013-11-19 11:05 - 00000000 ____D C:\Windows\system32\NV
2014-01-20 10:50 - 2013-04-26 16:17 - 00000000 ____D C:\Users\The Pwnicorn
2014-01-20 10:50 - 2013-01-17 15:29 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-20 10:50 - 2013-01-17 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-20 10:50 - 2013-01-02 13:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-20 10:50 - 2013-01-02 13:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-20 10:50 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-20 10:49 - 2014-01-15 15:15 - 00000000 ____D C:\Windows\erdnt
2014-01-20 10:49 - 2013-04-11 23:05 - 00000000 ____D C:\Windows\pss
2014-01-20 10:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2014-01-20 10:43 - 2013-03-26 13:25 - 00000000 ____D C:\NVIDIA
2014-01-20 10:38 - 2014-01-15 16:56 - 00000000 ____D C:\Users\User\Desktop\malware crap
2014-01-15 17:39 - 2014-01-15 17:38 - 00059960 _____ C:\Users\User\Downloads\fixlist.txt
2014-01-15 17:39 - 2014-01-15 17:33 - 00044444 _____ C:\Users\User\Downloads\Addition.txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00188336 _____ C:\Users\User\Downloads\Extras.Txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00120578 _____ C:\Users\User\Downloads\OTL.Txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00000000 ____D C:\FRST
2014-01-15 16:50 - 2014-01-15 16:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2014-01-15 16:50 - 2014-01-15 16:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 16:49 - 2014-01-15 16:49 - 00000000 ____D C:\MGADiagToolOutput
2014-01-15 16:48 - 2014-01-15 16:48 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2014-01-15 15:58 - 2014-01-15 15:54 - 00000000 ____D C:\ProgramData\Doctor Web
2014-01-15 15:54 - 2014-01-15 15:54 - 00000000 ____D C:\Users\User\Doctor Web
2014-01-15 15:26 - 2014-01-15 15:26 - 00037964 _____ C:\ComboFix.txt
2014-01-15 15:26 - 2014-01-15 15:16 - 00000000 ____D C:\Qoobox
2014-01-09 17:03 - 2014-01-09 17:03 - 00000000 ____D C:\Users\User\Documents\Reus
2014-01-08 17:27 - 2013-01-02 13:26 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-01 17:02 - 2013-02-06 18:04 - 00000157 _____ C:\Windows\SysWOW64\SystemPreferences.xml
2013-12-30 22:53 - 2013-01-17 18:05 - 00000000 ____D C:\Users\User\Documents\Visual Studio 2010
2013-12-30 14:54 - 2013-01-21 15:41 - 00000000 ____D C:\Users\User\AppData\Local\CutePDF Writer
2013-12-27 13:06 - 2013-02-13 00:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype

Files to move or delete:
====================
C:\Users\User\AppData\Roaming\CamLayout.ini
C:\Users\User\AppData\Roaming\CamShapes.ini


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\jgmleljx.exe
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {85b5f432-5521-11e2-9b66-0090f5de5c90}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             ENABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {85b5f434-5521-11e2-9b66-0090f5de5c90}
recoveryenabled         Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
resumeobject            {85b5f432-5521-11e2-9b66-0090f5de5c90}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {85b5f434-5521-11e2-9b66-0090f5de5c90}
device                  ramdisk=[C:]\Recovery\85b5f434-5521-11e2-9b66-0090f5de5c90\Winre.wim,{85b5f435-5521-11e2-9b66-0090f5de5c90}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\85b5f434-5521-11e2-9b66-0090f5de5c90\Winre.wim,{85b5f435-5521-11e2-9b66-0090f5de5c90}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {85b5f432-5521-11e2-9b66-0090f5de5c90}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {85b5f435-5521-11e2-9b66-0090f5de5c90}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\85b5f434-5521-11e2-9b66-0090f5de5c90\boot.sdi



LastRegBack: 2014-01-20 18:14

==================== End Of Log ============================


Additional log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2014 02
Ran by User at 2014-01-26 08:59:00
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acoustica Effects Pack (x32 Version: 3.0 - Acoustica, Inc)
Acoustica Mixcraft 5 (x32 Version:  - Acoustica)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.2 - Adobe Systems)
Adobe After Effects CS6 (x32 Version: 11 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS5.1 (x32 Version: 15.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Allegorithmic Substance BatchTools 1.x (x32 Version: 1.5.0 build 11975 (2013-03-27) - Allegorithmic)
Allegorithmic Substance Designer 3.x (x32 Version: 3.5.0 build 11973 (2013-03-27) - Allegorithmic)
AnyDVD (x32 Version: 6.6.6.0 - SlySoft)
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (x32 Version: 2.0.3 - Audacity Team)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (x32 Version: 2012.0.0 - Autodesk, Inc.)
Autodesk DirectConnect 2.0 (x32 Version: 2006.09.26 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (Version:  - Autodesk)
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
AUTODESK MAYA V8.5 (x32 Version:  - )
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Awesomenauts (x32 Version:  - )
Bastion (x32 Version:  - Supergiant Games)
BisonCam (x32 Version:  - BisonCam)
Bitmap Font Generator (x32 Version:  - )
Blender (Version: 2.67a - Blender Foundation)
Blood Bowl: Legendary Edition (x32 Version:  - Cyanide Studios)
Broken Sword: Shadow of the Templars - Director's Cut (x32 Version:  - Revolution Software Ltd)
CamStudio 2.7.2 (Version: 2.7.2 - CamStudio Open Source)
Capsized (x32 Version:  - )
Castle Crashers (x32 Version:  - )
CCleaner (Version: 4.00 - Piriform)
cgCharacter Mediview (x32 Version:  - )
ChiconyCam (x32 Version: 1.0.47.0819 - Chicony Electronics Co.,Ltd.)
Chivalry: Medieval Warfare (x32 Version:  - )
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
CloudReading (x32 Version: 1.0.27.1025 - Foxit Corporation)
Composite 2012 64-bit (Version: 7.0.0 - Autodesk)
CutePDF Writer 3.0 (Version:  3.0 - CutePDF.com)
CyberLink Media Suite (x32 Version: 8.0.3518 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.3518 - CyberLink Corp.) Hidden
CyberLink Power2Go (x32 Version: 7.0.0.2211 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.2211 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.3523.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3523.02 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Island (x32 Version:  - Techland)
Dear Esther (x32 Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
D-Fend Reloaded 1.3.5 (deinstall) (x32 Version: 1.3.5 - Alexander Herzog)
Digital Voice Editor 3 (x32 Version: 3.3.01.11240 - Sony Corporation)
Don't Starve (x32 Version:  - )
Dota 2 (x32 Version:  - )
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Dungeons & Dragons: Chronicles of Mystara (x32 Version:  - Iron Galaxy Studios)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7 - Dennis Meuwissen)
DVD43 Plug-in v1.0.0.6 (x32 Version:  - )
Eets Munchies (x32 Version:  - )
English Country Tune (x32 Version:  - )
ESET Online Scanner v3 (x32 Version:  - )
ETDWare PS/2-X64 10.5.2.0 (Version: 10.5.2.0 - ELAN Microelectronic Corp.)
FEZ (x32 Version:  - Polytron Corporation)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2 - FileZilla Project)
Flotilla (x32 Version:  - Blendo Games)
Foxit Reader (x32 Version: 6.1.1.1031 - Foxit Corporation)
Fractal: Make Blooms Not War (x32 Version:  - Cipher Prime Studios)
Fraps (remove only) (x32 Version:  - )
FTL: Faster Than Light (x32 Version:  - Subset Games)
Game of Thrones  (x32 Version:  - Cyanide Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gone Home (x32 Version:  - The Fullbright Company)
Google Talk Plugin (x32 Version: 5.1.2.17113 - Google)
Hack n Slash Prototype (x32 Version:  - )
Hammerwatch (x32 Version:  - )
HandBrake 0.9.8 (x32 Version: 0.9.8 - )
headus UVLayout v2 Professional (x32 Version: 2.08.00 - headus)
Hotkey 6.0030 (x32 Version: 6.0030 - NoteBook)
Hotkey 6.0030 (x32 Version: 6.0030 - NoteBook) Hidden
Hotline Miami (x32 Version:  - )
ImgBurn (x32 Version: 2.5.7.0 - LIGHTNING UK!)
Incredipede (x32 Version:  - Colin Northway with art by Thomas Shahan)
Intel® Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 8.0.1.1399 - Intel Corporation)
Intel® OpenCL CPU Runtime (x32 Version:  - Intel Corporation)
Intel® Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.219.2 - Intel Corporation)
Intrusion 2 (x32 Version:  - )
Jamestown (x32 Version:  - )
Jamestown (x32 Version: Final - AllSmartGames)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kentucky Route Zero (x32 Version:  - Cardboard Computer)
League of Legends (x32 Version: 1.3 - Riot Games)
Legend of Dungeon (x32 Version:  - )
LG United Mobile Driver (x32 Version: 3.10.1.0 - LG Electronics)
LG Verizon United Driver (x32 Version: 2.11.1 - LG Electronics)
Little Inferno (x32 Version:  - )
Magicka (x32 Version:  - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mark of the Ninja (x32 Version:  - Klei Entertainment)
Maya 8.5 (x32 Version: 8.50.0000 - Autodesk)
Maya 8.5 Documentation (en_US) (x32 Version: 8.50.0000 - Autodesk)
McPixel (x32 Version:  - Sos)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (ARP entry) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Redists) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Shared Components) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Visual Studio) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Documentation (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio Platform Tools (x32 Version: 1.3.0.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mirror's Edge (x32 Version:  - DICE)
Monaco (x32 Version:  - Pocketwatch Games)
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MPK mini Editor (x32 Version:  - )
Multimedia Fusion 2 (x32 Version:  - )
Natural Selection 2 (x32 Version:  - Unknown Worlds Entertainment)
Neverwinter (x32 Version:  - Cryptic Studios)
Notepad++ (x32 Version: 6.2.3 - )
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8 (Version: 1.8 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Photoshop Plug-ins 64 bit (x32 Version: 8.50 - )
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12 - NVIDIA Corporation)
Oil Rush (x32 Version:  - )
OpenAL (x32 Version:  - )
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Organ Trail: Director's Cut (x32 Version:  - The Men Who Wear Many Hats)
Origin (x32 Version: 9.3.2.2730 - Electronic Arts, Inc.)
Overlord (x32 Version:  - CodeMasters)
Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.)
Paranautical Activity (x32 Version:  - Code Avarice)
Path of Exile (x32 Version:  - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (Version: 1.1.0.518 - PeerBlock, LLC)
Penny Arcade's On the Rain-Slick Precipice of Darkness 3 (x32 Version:  - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Poker Night at the Inventory (x32 Version:  - Telltale Games)
Populous (x32 Version: 1.0.0.0 - Electronic Arts)
Proteus (x32 Version:  - )
Python 3.3.1 (x32 Version: 3.3.1150 - Python Software Foundation)
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
RAW - Realms of Ancient War (x32 Version:  - Wizarbox)
Realtek Ethernet Controller Driver (x32 Version: 7.52.203.2012 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (x32 Version:  - EasyGameStation)
RIFT (HKCU Version:  - Trion Worlds, Inc.)
Rogue Legacy (x32 Version:  - Cellar Door Games)
Sacred 2 Gold (x32 Version:  - Ascaron)
Scribblenauts Unlimited (x32 Version:  - 5th Cell Media)
SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Spacebase DF-9 Prototype (x32 Version:  - )
Spelunky (x32 Version:  - )
Starseed Pilgrim (x32 Version:  - Droqen)
Stealth Bastard Deluxe (x32 Version:  - Curve Studios)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (x32 Version:  - )
Team Fortress 2 (x32 Version:  - Valve)
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
Terraria (x32 Version:  - Re-Logic)
The Bard's Tale (x32 Version:  - inXile Entertainment)
The Sims™ 3 (x32 Version: 1.57.62 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (x32 Version: 3.13.1 - Electronic Arts)
The Sims™ 3 Late Night (x32 Version: 6.5.1 - Electronic Arts)
Thirty Flights of Loving (x32 Version:  - )
Thomas Was Alone (x32 Version:  - )
Ticket to Ride (x32 Version:  - Days of Wonder)
Tiny and Big: Grandpa's Leftovers (x32 Version:  - )
TopoGun 2.00 W64 BETA1 (x32 Version: 2.00 W64 BETA1 - SC PIXELMACHINE SRL)
TortoiseSVN 1.8.3.24901 (64 bit) (Version: 1.8.24901 - TortoiseSVN)
Trine (x32 Version:  - Frozenbyte)
Trine 2 (x32 Version:  - Frozenbyte)
Unity (x32 Version:  - Unity Technologies ApS)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB983403) (x32 Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
USB Vibration Joystick (x32 Version: v3.70 - )
Ventrilo Client for Windows x64 (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIA Platform Device Manager (x32 Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
VSO ConvertXtoDVD v5.0.0.45 FINAL (x32 Version: 5.0.0.45 - Friends in War)
Wacom Tablet (Version: 6.3.5w3 - Wacom Technology Corp.)
Waking Mars (x32 Version:  - Tiger Style)
WebCam Installer (x32 Version: 4.04 - WebCam)
WebCam Installer (x32 Version: 4.04 - WebCam) Hidden
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet IE Plugin (x32 Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (x32 Version: 1.1.0.3 - Wacom Technology Corp.)
Worms Reloaded (x32 Version:  - Team17 Software Ltd.)
ZBrush 4R5 (x32 Version: 4R5 - Pixologic)
ZBrush 4R6 (x32 Version: 4R6 - Pixologic)
Zip Motion Block Video codec (Remove Only) (x32 Version:  - DOSBox Team)

==================== Restore Points  =========================

23-01-2014 15:26:27 avast! antivirus system restore point

==================== Hosts content: ==========================

2013-04-06 00:49 - 2013-05-17 01:07 - 00001113 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {2E53EB33-33B1-4CA0-AAFB-4D45E371744D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-23] (AVAST Software)
Task: {3021324F-17B4-41F7-B051-EAA6DEADB29F} - System32\Tasks\{B7BE19F4-AC6B-4F94-95A8-6444CA658377} => C:\Program Files (x86)\Steam\steamapps\common\Jamestown\Jamestown.exe [2013-01-26] ()
Task: {4A246A57-D017-40BF-A09B-2964F16F05E3} - System32\Tasks\{DD9F4122-427C-42F7-8058-F2DA211CC010} => C:\Program Files (x86)\Steam\steamapps\common\Jamestown\Jamestown.exe [2013-01-26] ()
Task: {52A8025C-182B-4176-BAB9-6054E0627C99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {68F2B67D-AB20-4DE3-9979-B8C048FE96B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {8CE3A3E6-FC09-4742-AED5-E8080A236B9C} - System32\Tasks\{1641D7FD-BADA-4DB4-A7B1-29FA0F8D693B} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {C5F833CD-148E-4608-A302-212C32FA7850} - System32\Tasks\AdobeAAMUpdater-1.0-CCB824321-The Pwnicorn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {D4EC6D4B-F5B3-4956-A437-73CF8077BDC3} - System32\Tasks\AdobeAAMUpdater-1.0-CCB824321-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {E5F41ED5-6E1F-4AFA-8F44-9C2136F68B56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {EE665117-379A-45A5-B9FA-57A9AD5CBADA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {FEB6A38B-42C8-4993-A186-75AB1BE75E89} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285269184-562634182-578993391-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-27 17:52 - 2013-10-27 17:52 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-10-27 17:52 - 2013-10-27 17:52 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2010-01-02 06:42 - 2010-01-02 06:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-18 07:24 - 2012-06-18 07:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-03-18 12:54 - 2013-02-08 11:22 - 01185080 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-05-15 09:10 - 2012-03-26 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-01-02 13:28 - 2012-02-12 08:28 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-02 13:28 - 2012-02-12 08:28 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-24 20:13 - 2014-01-24 09:39 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012401\algo.dll
2014-01-25 01:47 - 2014-01-25 01:47 - 00027136 _____ () C:\Users\User\AppData\Local\Esdtion\AllWan.dll
2009-06-06 14:50 - 2009-06-06 14:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2013-10-18 15:55 - 2013-10-18 15:55 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-10-21 07:29 - 2013-10-21 07:29 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-15 12:05 - 2013-08-15 12:05 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\7f1c4488c4b8d9e16fcf01504f5605a5\PSIClient.ni.dll
2014-01-20 10:56 - 2013-12-12 14:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-20 10:56 - 2013-11-04 17:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-06-02 20:22 - 2013-12-12 14:04 - 00716800 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-06-02 20:22 - 2014-01-07 13:00 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-06-02 20:22 - 2013-12-12 14:04 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-02 20:22 - 2013-06-14 15:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-02 20:22 - 2013-06-14 15:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-02 20:22 - 2013-06-14 15:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-01-02 13:32 - 2012-01-19 03:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-11-29 13:59 - 2012-11-29 13:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-10-27 17:07 - 2013-10-27 17:07 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-10-27 17:06 - 2013-10-27 17:06 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-12-19 22:38 - 2013-12-19 22:38 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 20:17 - 2010-03-24 20:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2014 01:56:51 AM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 10.10.5.1, time stamp: 0x5298c5b1
Faulting module name: nvd3d9wrap.dll, version: 9.18.13.3182, time stamp: 0x5280d7e2
Exception code: 0xc0000005
Fault offset: 0x00005170
Faulting process id: 0xbd0
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3

Error: (01/25/2014 01:56:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: NvBackend.exe, version: 10.10.5.1, time stamp: 0x5298c5b1
Faulting module name: nvspcap.dll_unloaded, version: 0.0.0.0, time stamp: 0x5298c3ff
Exception code: 0xc0000005
Fault offset: 0x100be390
Faulting process id: 0xbd0
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3

Error: (01/25/2014 01:54:48 AM) (Source: TabletServiceWacom) (User: )
Description: Could not init tablet driver

Error: (01/25/2014 01:54:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2014 01:52:05 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/24/2014 08:16:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/24/2014 08:16:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2014 10:11:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/23/2014 07:38:25 AM) (Source: TabletServiceWacom) (User: )
Description: Could not init tablet driver

Error: (01/23/2014 07:38:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/25/2014 01:54:11 AM) (Source: Service Control Manager) (User: )
Description: The Hardlock service failed to start due to the following error:
%%577

Error: (01/25/2014 01:52:04 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/23/2014 07:44:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (01/23/2014 07:37:41 AM) (Source: Service Control Manager) (User: )
Description: The Hardlock service failed to start due to the following error:
%%577

Error: (01/23/2014 07:35:37 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/22/2014 10:02:58 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/21/2014 06:42:25 PM) (Source: Service Control Manager) (User: )
Description: The Hardlock service failed to start due to the following error:
%%577


Microsoft Office Sessions:
=========================
Error: (01/25/2014 01:56:51 AM) (Source: Application Error)(User: )
Description: NvBackend.exe10.10.5.15298c5b1nvd3d9wrap.dll9.18.13.31825280d7e2c000000500005170bd001cf19b36b3ca9a6C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll02b0377f-85a7-11e3-8dad-2016d878d59a

Error: (01/25/2014 01:56:02 AM) (Source: Application Error)(User: )
Description: NvBackend.exe10.10.5.15298c5b1nvspcap.dll_unloaded0.0.0.05298c3ffc0000005100be390bd001cf19b36b3ca9a6C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvspcap.dlle593df44-85a6-11e3-8dad-2016d878d59a

Error: (01/25/2014 01:54:48 AM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (01/25/2014 01:54:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2014 01:52:05 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/24/2014 08:16:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (01/24/2014 08:16:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (01/23/2014 10:11:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe

Error: (01/23/2014 07:38:25 AM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (01/23/2014 07:38:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-01-25 01:54:11.662
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-25 01:54:11.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-23 07:37:41.899
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-23 07:37:41.805
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-21 18:42:25.358
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-21 18:42:25.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-20 19:21:32.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-20 19:21:31.879
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-20 19:18:15.614
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-20 19:18:15.520
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16277.14 MB
Available physical RAM: 12945.02 MB
Total Pagefile: 32552.46 MB
Available Pagefile: 29205.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:698.29 GB) (Free:167.96 GB) NTFS
Drive e: (990525_0759) (CDROM) (Total:0.5 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: A08BCF78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698 GB) - (Type=07 NTFS)

==================== End Of Log ============================


2013-04-06 00:49 - 2013-05-17 01:07 - 00001113 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com

127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com

127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com

127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp

127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com

127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com

I'm sorry but since you have evidence of cracked or pirated software you're using on the system, this thread will be closed.

Piracy

This topic is now closed to further replies.