
Some virus made all my desktop and start menu items disappear



Can someone help me?

I use Windows 8, and I already saw a post here about something similar, but still can't see any of my items.

I think that I successfully removed the virus, installed RogueKiller and OTL, but I don't know what to do next.

Thank you in advance.


This was the OTL report, but I don't know what to do with this.

 

OTL logfile created on: 07/07/2014 15:46:53 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\daniel\Downloads

64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16921)

Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd/MM/yyyy

 

7,89 Gb Total Physical Memory | 5,14 Gb Available Physical Memory | 65,13% Memory free

9,08 Gb Paging File | 6,55 Gb Available in Paging File | 72,11% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 918,63 Gb Total Space | 792,54 Gb Free Space | 86,27% Space Free | Partition Type: NTFS

Drive D: | 178,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: DANIEL | User Name: daniel | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\daniel\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Users\daniel\Downloads\RogueKiller.exe ()

PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)

PRC - C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

PRC - C:\Program Files (x86)\WBDesktop.Updater.exe (cake bake)

PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)

PRC - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

PRC - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()

PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Users\daniel\Downloads\RogueKiller.exe ()

MOD - C:\Program Files (x86)\Steam\video.dll ()

MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()

MOD - C:\Program Files (x86)\Steam\SDL2.dll ()

MOD - C:\Program Files (x86)\Steam\libavcodec-55.dll ()

MOD - C:\Program Files (x86)\Steam\libavutil-53.dll ()

MOD - C:\Program Files (x86)\Steam\libavformat-55.dll ()

MOD - C:\Program Files (x86)\Steam\libavresample-1.dll ()

MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()

MOD - C:\Program Files (x86)\Steam\libswscale-2.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()

MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()

MOD - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)

SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)

SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)

SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)

SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)

SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)

SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)

SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)

SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)

SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation)

SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)

SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)

SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)

SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)

SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)

SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)

SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)

SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)

SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)

SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)

SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)

SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)

SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)

SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)

SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)

SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (WebCake Desktop Updater) -- C:\Program Files (x86)\WBDesktop.Updater.exe (cake bake)

SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)

SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)

SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)

SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)

SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\Drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\Drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\Drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\Drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)

DRV:64bit: - (Avgwfpa) -- C:\Windows\SysNative\Drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\Drivers\nvvad64v.sys (NVIDIA Corporation)

DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)

DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)

DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation)

DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)

DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)

DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)

DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\Drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgboota) -- C:\Windows\SysNative\Drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)

DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)

DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)

DRV:64bit: - (SCDEmu) -- C:\windows\SysNative\drivers\scdemu.sys (Power Software Ltd)

DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)

DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)

DRV:64bit: - (CeKbFilter) -- C:\Windows\SysNative\Drivers\CeKbFilter.sys (Compal Electronics, INC.)

DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)

DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)

DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)

DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)

DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)

DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)

DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)

DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation                           )

DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows ® Win 7 DDK provider)

DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )

DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\Drivers\thpdrv.sys (TOSHIBA Corporation)

DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)

DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)

DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)

DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)

DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)

DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)

DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)

DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)

DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)

DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)

DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)

DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)

DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)

DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)

DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)

DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)

DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)

DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)

DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)

DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)

DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)

DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)

DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)

DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)

DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)

DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)

DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)

DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation)

DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation)

DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)

DRV:64bit: - (RtkBtFilter) -- C:\Windows\SysNative\Drivers\RtkBtfilter.sys (Realtek Microelectronics)

DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\Drivers\Thpevm.sys (TOSHIBA Corporation)

DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel® Corporation)

DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation)

DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)

DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\Drivers\MijXfilt.sys (MotioninJoy)

DRV:64bit: - (xusb21) -- C:\Windows\SysNative\Drivers\xusb21.sys (Microsoft Corporation)

DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\Drivers\tap0901t.sys (Tunngle.net)

DRV - (TrueSight) -- C:\Windows\SysWOW64\drivers\TrueSight.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S



IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}


IE:64bit: - HKLM\..\SearchScopes\{C62BF5D9-086A-4A9E-854B-70C0EF781786}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm



IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}


IE - HKLM\..\SearchScopes\{C62BF5D9-086A-4A9E-854B-70C0EF781786}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1404738382&from=ild&uid=TOSHIBAXMQ01ABD100_2372F9B5SXX2372F9B5S


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 



IE - HKCU\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}



IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

 

========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

 

 

[2014/03/03 02:48:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},


CHR - plugin: Error reading preferences file

CHR - Extension: wareztuga.tv streamer = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj\4.4_0\

CHR - Extension: AdBlock = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\

CHR - Extension: Into The Mist = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0\

CHR - Extension: Google Wallet = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: Quick start = C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.9_0\

 

O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts

O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (DealPly Shopping) - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll File not found

O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (BS Player ControlBar Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: []  File not found

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [shadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [sRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)

O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ()

O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()

O4:64bit: - HKLM..\Run: [TosPU] C:\Program Files\TOSHIBA\PasswordUtility\TosPU.exe (Copyright © TOSHIBA Corp. 2012)

O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [intel AppUp® center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)

O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)

O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)

O4 - HKLM..\Run: [tuto4pc_pt_18]  File not found

O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\daniel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)

O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found

O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe File not found

O4 - HKCU..\Run: [spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)

O4 - HKCU..\Run: [uTorrent] C:\Users\daniel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5927A958-F97B-4459-BFB8-2BD578CA6667}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\osf - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) -  File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) -  File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/07/07 15:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller

[2014/07/07 14:31:53 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution

[2014/07/07 14:07:24 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\PriceMeter

[2014/07/07 14:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab

[2014/07/07 14:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect

[2014/07/07 14:05:42 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\globalUpdate

[2014/07/07 14:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate

[2014/07/03 16:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Age of Mythology Extended Edition

[2014/06/29 21:13:30 | 000,000,000 | ---D | C] -- C:\Users\daniel\Documents\JD GUI

[2014/06/18 22:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache

[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys

[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys

[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys

[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys

[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgdiska.sys

[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgmfx64.sys

[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgrkx64.sys

[2014/06/11 19:32:57 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvspbridge64.dll

[2014/06/11 19:32:57 | 001,279,480 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvspcap64.dll

[2014/06/11 19:32:56 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspbridge.dll

[2014/06/11 19:32:56 | 001,122,312 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspcap.dll

[2014/06/11 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\NVIDIA Corporation

[2014/06/11 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Local\NVIDIA

[2014/06/11 19:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2014/06/11 19:32:30 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvvad64v.sys

[2014/06/11 19:32:30 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvaudcap64v.dll

[2014/06/11 19:32:30 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvaudcap32v.dll

[2014/06/11 18:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle

[2014/06/11 18:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle

[2014/06/11 18:51:11 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\windows\SysNative\drivers\tap0901t.sys

[2014/06/11 18:51:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle

[2014/06/11 18:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle

[2014/06/11 18:44:57 | 000,000,000 | ---D | C] -- C:\Users\daniel\Documents\Tunngle

[2014/06/11 18:44:57 | 000,000,000 | ---D | C] -- C:\Users\daniel\AppData\Roaming\Tunngle

[2014/06/11 10:08:23 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll

[2014/06/11 10:08:22 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll

[2014/06/11 10:08:22 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll

[2014/06/11 10:08:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll

[2014/06/11 10:08:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll

[2014/06/11 10:08:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll

[2014/06/11 10:08:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll

[2014/06/11 10:08:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll

[2014/06/11 10:08:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll

[2014/06/11 10:08:18 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2014/06/11 10:08:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll

[2014/06/11 10:08:18 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll

[2014/06/11 10:08:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll

[2014/06/11 10:08:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe

[2014/06/11 10:08:16 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2014/06/11 10:08:15 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll

[2014/06/11 10:08:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2014/06/11 10:08:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll

[2014/06/11 10:08:13 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll

[2014/06/11 10:08:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2014/06/11 10:08:09 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll

[2014/06/11 10:08:07 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2014/06/11 10:07:45 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2014/06/11 10:07:45 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2014/06/11 10:07:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2014/06/11 10:07:25 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys

[2014/06/11 10:07:25 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe

[2014/06/11 10:07:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe

[2014/06/10 16:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outlast Whistleblower

[2013/08/11 10:27:51 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe

[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2014/07/07 15:33:19 | 000,029,696 | ---- | M] () -- C:\windows\SysWow64\drivers\TrueSight.sys

[2014/07/07 15:31:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2014/07/07 15:30:32 | 000,001,018 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/07/07 15:30:23 | 000,000,916 | ---- | M] () -- C:\windows\tasks\DealPlyLiveUpdateTaskMachineCore.job

[2014/07/07 15:29:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2014/07/07 15:29:44 | 2484,436,991 | -HS- | M] () -- C:\hiberfil.sys

[2014/07/07 15:22:00 | 000,000,920 | ---- | M] () -- C:\windows\tasks\DealPlyLiveUpdateTaskMachineUA.job

[2014/07/07 15:17:02 | 000,000,308 | ---- | M] () -- C:\windows\tasks\Dealply.job

[2014/07/07 14:58:01 | 000,001,022 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/07/03 18:58:19 | 001,784,926 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2014/07/03 18:58:19 | 000,776,694 | ---- | M] () -- C:\windows\SysNative\prfh0816.dat

[2014/07/03 18:58:19 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2014/07/03 18:58:19 | 000,159,974 | ---- | M] () -- C:\windows\SysNative\prfc0816.dat

[2014/07/03 18:58:19 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2014/06/24 11:52:10 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf

[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys

[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys

[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys

[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys

[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgdiska.sys

[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgmfx64.sys

[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgrkx64.sys

[2014/06/13 16:56:29 | 005,198,640 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2014/06/11 18:52:57 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\Access.dat

[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014/07/07 15:33:19 | 000,029,696 | ---- | C] () -- C:\windows\SysWow64\drivers\TrueSight.sys

[2014/06/24 11:52:10 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01011.Wdf

[2014/06/11 18:45:54 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat

[2014/06/11 10:07:24 | 000,387,268 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml

[2013/12/19 11:17:02 | 000,000,174 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\WB.CFG

[2013/09/18 13:24:26 | 000,491,520 | ---- | C] () -- C:\windows\SysWow64\granny.dll

[2013/09/13 22:02:30 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll

[2013/08/12 17:18:26 | 000,004,510 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamStudio.cfg

[2013/08/12 17:18:26 | 000,000,408 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamShapes.ini

[2013/08/12 17:18:26 | 000,000,408 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\CamLayout.ini

[2013/08/12 17:18:26 | 000,000,046 | ---- | C] () -- C:\Users\daniel\AppData\Roaming\Camdata.ini

[2013/08/12 15:24:54 | 000,008,192 | ---- | C] () -- C:\Users\daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/07/19 12:47:31 | 000,000,110 | ---- | C] () -- C:\windows\wininit.ini

[2013/04/10 16:11:26 | 000,037,820 | ---- | C] () -- C:\windows\rlt8723a_chip_bt40_fw_asic_rom_patch.dll

[2013/04/10 16:10:45 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe

[2013/01/31 23:49:49 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin

[2013/01/31 23:49:47 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll

[2013/01/31 23:49:46 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin

[2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat

[2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT

[2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat

[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll

[2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin

[2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll

[2012/07/25 21:22:56 | 000,267,284 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin

[2012/07/25 21:22:54 | 000,963,376 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin

 

========== ZeroAccess Check ==========

 

[2013/07/19 18:02:32 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 09:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 07:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2013/07/28 16:41:51 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Aeria Games & Entertainment

[2013/10/22 18:01:42 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\AVG2014

[2013/07/28 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Awesomium

[2014/05/13 15:06:58 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BalsamiqMockupsForDesktop

[2014/05/13 15:06:59 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1

[2014/03/18 15:40:37 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Bizagi Ltd

[2014/02/06 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BSplayer

[2013/07/26 20:47:07 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\BSplayer Pro

[2014/05/27 18:16:50 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\DAEMON Tools Lite

[2013/07/25 13:17:04 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Dealply

[2013/09/16 00:52:27 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\fltk.org

[2014/02/10 17:14:40 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\GameRanger

[2013/07/31 13:36:30 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\GetRightToGo

[2014/03/18 15:40:40 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\IsolatedStorage

[2014/01/17 22:45:00 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\MotioninJoy

[2013/08/18 12:38:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Movdap

[2013/10/22 16:49:32 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\NetBeans

[2013/08/17 13:45:26 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\OBS

[2014/01/09 00:00:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\OpenOffice

[2013/07/25 13:23:59 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Optimizer Pro

[2013/07/19 12:16:19 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\PowerISO

[2013/08/10 17:48:45 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Pro Cycling Manager 2013

[2013/08/01 22:48:05 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\sMedio

[2013/07/19 18:03:22 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Sports Interactive

[2013/10/22 13:46:27 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Spotify

[2014/03/21 01:00:35 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Thinstall

[2013/10/22 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\TuneUp Software

[2014/06/11 19:32:18 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\Tunngle

[2014/07/07 02:14:34 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\uTorrent

[2014/02/10 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\daniel\AppData\Roaming\WildTangent

 

========== Purity Check ==========

 

 

 

< End of report >

Hello and Welcome to Malwarebytes

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you
