OTL logfile created on: 9/13/2013 1:17:55 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peyrot's Desktop\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 35.75% Memory free 6.20 Gb Paging File | 3.85 Gb Available in Paging File | 62.13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 580.67 Gb Total Space | 509.70 Gb Free Space | 87.78% Space Free | Partition Type: NTFS Drive D: | 15.50 Gb Total Space | 8.00 Gb Free Space | 51.63% Space Free | Partition Type: NTFS Computer Name: PEYROTSDESKT-PC | User Name: Peyrot's Desktop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/09/13 13:17:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peyrot's Desktop\Downloads\OTL.exe PRC - [2013/09/02 13:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2013/08/29 20:12:45 | 001,918,976 | ---- | M] (Curse) -- C:\Users\Peyrot's Desktop\AppData\Local\Apps\2.0\NPX35XRC.QAH\0VQDJBAC.G9M\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe PRC - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/05/09 01:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/03/20 03:48:59 | 000,407,736 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe PRC - [2013/03/20 03:48:59 | 000,209,168 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe PRC - [2013/03/20 03:48:59 | 000,154,264 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe PRC - [2013/03/20 03:48:59 | 000,131,224 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acsagent.exe PRC - [2012/12/04 18:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Management\Engine\3.2.2.12\ccsvchst.exe PRC - [2012/11/16 15:26:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2012/11/16 13:44:46 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/11/13 11:29:42 | 009,117,504 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe PRC - [2009/11/13 11:29:40 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe PRC - [2009/04/10 23:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/09/02 13:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll MOD - [2013/09/02 13:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll MOD - [2013/09/02 13:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll MOD - [2013/09/02 13:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll MOD - [2013/08/29 20:12:56 | 000,014,848 | ---- | M] () -- C:\Users\Peyrot's Desktop\AppData\Local\Apps\2.0\NPX35XRC.QAH\0VQDJBAC.G9M\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll MOD - [2013/08/29 20:12:51 | 000,035,840 | ---- | M] () -- C:\Users\Peyrot's Desktop\AppData\Local\Apps\2.0\NPX35XRC.QAH\0VQDJBAC.G9M\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll MOD - [2013/08/29 20:12:50 | 000,099,840 | ---- | M] () -- C:\Users\Peyrot's Desktop\AppData\Local\Apps\2.0\NPX35XRC.QAH\0VQDJBAC.G9M\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll MOD - [2013/08/22 03:33:12 | 000,400,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ab5b3f8bfbed3aee5b65e52366178d0e\System.Xml.Linq.ni.dll MOD - [2013/08/22 03:31:00 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c0cc4069b1d17f3f7e9d9ec857d797d4\Microsoft.VisualBasic.ni.dll MOD - [2013/08/22 03:30:26 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll MOD - [2013/08/22 03:29:05 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1bf91944c0a39048bb079c5d81f90529\System.Runtime.Serialization.ni.dll MOD - [2013/08/22 03:29:03 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\c86efd126bd83993f31d65119f48a3fc\SMDiagnostics.ni.dll MOD - [2013/08/22 03:29:02 | 017,403,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1041480aa254b15cf3d688552510b1fa\System.ServiceModel.ni.dll MOD - [2013/08/22 03:28:42 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll MOD - [2013/08/22 03:28:39 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b34381a8dcbadef473a7c4e5b0b698c6\System.Deployment.ni.dll MOD - [2013/08/22 03:28:35 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll MOD - [2013/08/22 03:28:27 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll MOD - [2013/08/22 03:28:05 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\471e356605ecc4fc88e528ab12cdb901\System.Security.ni.dll MOD - [2013/08/22 03:28:02 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b8e424ef545f262fd6cb9f35b97fc8b9\System.Configuration.ni.dll MOD - [2013/08/22 03:26:36 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll MOD - [2013/08/22 03:26:19 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll MOD - [2013/08/22 03:26:08 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll MOD - [2013/08/22 03:25:51 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll MOD - [2013/08/22 03:25:35 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\cfc7b22d4a9add9030b771860f86abba\System.Core.ni.dll MOD - [2013/08/22 03:25:21 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1907eca427f3b8a0b672d7582427bace\PresentationFramework.ni.dll MOD - [2013/08/22 03:25:00 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a42ae90abfc074ec34aac50353324f66\PresentationCore.ni.dll MOD - [2013/08/22 03:24:41 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\e887556e2e663db3f545345d634e125b\WindowsBase.ni.dll MOD - [2013/08/22 03:24:31 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll MOD - [2013/07/10 03:36:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll MOD - [2013/07/10 03:36:08 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll MOD - [2012/05/30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe MOD - [2009/08/19 15:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll MOD - [2009/07/29 15:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll MOD - [2009/03/29 21:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2008/08/30 04:59:02 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013/09/13 04:01:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360) SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/03/20 03:48:59 | 000,209,168 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore) SRV - [2012/12/04 18:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Management\Engine\3.2.2.12\ccSvcHst.exe -- (MCLIENT) SRV - [2012/11/16 15:26:10 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012/11/16 13:44:46 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService) SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2013/09/03 15:26:28 | 001,097,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx86.sys -- (BHDrvx86) DRV - [2013/08/28 23:35:45 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130912.032\NAVEX15.SYS -- (NAVEX15) DRV - [2013/08/28 23:35:45 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20130912.032\NAVENG.SYS -- (NAVENG) DRV - [2013/08/26 18:14:27 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2013/08/26 18:14:27 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013/08/21 21:29:02 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013/08/21 21:29:02 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013/08/21 21:29:02 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013/08/21 17:03:22 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130912.001\IDSvix86.sys -- (IDSVix86) DRV - [2013/07/22 20:35:04 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2013/05/22 22:25:28 | 000,934,488 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\SymEFA.sys -- (SymEFA) DRV - [2013/05/20 22:02:00 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\SymDS.sys -- (SymDS) DRV - [2013/05/15 22:02:14 | 000,603,224 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP) DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013/05/09 01:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2013/04/24 17:43:56 | 000,352,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symtdiv.sys -- (SYMTDIv) DRV - [2013/04/15 19:41:14 | 000,134,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ccSetx86.sys -- (ccSet_N360) DRV - [2013/03/04 18:39:19 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\Ironx86.sys -- (SymIRON) DRV - [2013/03/04 18:21:35 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX) DRV - [2012/11/16 12:38:48 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012/10/03 10:19:14 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\MCLIENT\0302020.00C\ccsetx86.sys -- (ccSet_MCLIENT) DRV - [2012/03/05 15:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1) DRV - [2012/02/23 05:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) DRV - [2009/10/07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2009/10/07 08:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/04/10 21:38:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID) DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2008/08/30 06:58:16 | 003,929,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/08/30 06:58:16 | 003,929,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2007/12/19 14:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2007/12/08 07:28:10 | 000,140,320 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2007/12/08 07:28:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32) DRV - [2006/11/08 15:54:02 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2) DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0D8E6652-59BE-4E02-90E4-245C57A65CFD} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 BE DD CB D3 4E CE 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {0D8E6652-59BE-4E02-90E4-245C57A65CFD} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D8E6652-59BE-4E02-90E4-245C57A65CFD}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32852387602070879&UM=2 IE - HKCU\..\SearchScopes\{542B171D-0C8C-47A3-A907-0731298D5469}: "URL" = http://searchou.com/?q={searchTerms}&id=ae2785bd000000000000001fe206282a&r=503 IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=20&locale=en_US&gct=sb&qsrc=2869 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/05/05 21:58:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFFPlgn\ [2013/07/22 20:35:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\ [2013/09/13 13:03:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/05/05 21:58:42 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mlyrics@pnyj.net: C:\Program Files\M-Lyrics\FF\ [2013/08/21 22:03:16 | 000,000,000 | ---D | M] [2013/05/12 15:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Norton Safe Search (Enabled) CHR - default_search_provider: search_url = http://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=20&locale=en_US&gct=sb&qsrc=2869 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Google Docs = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Norton Identity Protection = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_1\ CHR - Extension: Chrome In-App Payments service = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\ CHR - Extension: Gmail = C:\Users\Peyrot's Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (IBM Forms Viewer Helper) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files\IBM\Forms Viewer\4.0\PEhelper.dll (IBM Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [SearchProtect] C:\Users\Peyrot's Desktop\AppData\Roaming\SearchProtect\bin\cltmng.exe File not found O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: C:\Users\Peyrot's Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{834BB4BB-9F7B-4C3B-9725-B4E4A4AD1505}: DhcpNameServer = 75.75.75.75 75.75.76.76 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008/03/16 07:49:12 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{89faf288-15f7-11e3-87db-001fe206282a}\Shell - "" = AutoRun O33 - MountPoints2\{89faf288-15f7-11e3-87db-001fe206282a}\Shell\AutoRun\command - "" = L:\MotoCastSetup.exe -a O33 - MountPoints2\{b99eddf2-b9ed-11e2-8ffd-001fe206282a}\Shell - "" = AutoRun O33 - MountPoints2\{b99eddf2-b9ed-11e2-8ffd-001fe206282a}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/09/13 12:04:14 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware [2013/09/12 03:07:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/09/11 01:27:14 | 000,000,000 | ---D | C] -- C:\Users\Peyrot's Desktop\AppData\Local\Blizzard Entertainment [2013/09/06 09:53:12 | 000,000,000 | ---D | C] -- C:\Users\Peyrot's Desktop\Documents\My Scans [2013/09/06 09:40:00 | 000,000,000 | ---D | C] -- C:\Users\Peyrot's Desktop\AppData\Roaming\PureEdge [2013/09/06 09:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM Forms Viewer 4.0 [2013/09/06 09:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PureEdge [2013/09/06 09:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\IBM [2013/08/26 09:15:14 | 000,000,000 | ---D | C] -- C:\Users\Peyrot's Desktop\Documents\Diablo III [2013/08/26 01:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III [2013/08/26 01:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo III [2013/08/21 21:28:46 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2013/08/21 21:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/08/21 21:28:45 | 000,369,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013/08/21 21:28:43 | 000,770,344 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013/08/21 21:28:43 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2013/08/21 21:28:43 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2013/08/21 21:28:38 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2013/08/21 21:28:35 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2013/08/21 21:27:46 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013/08/21 21:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/08/21 21:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013/08/21 03:06:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/09/13 13:19:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/09/13 13:19:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/09/13 13:02:32 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job [2013/09/13 13:02:31 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/09/13 13:02:31 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/09/13 13:02:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/09/13 13:01:49 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys [2013/09/13 13:01:46 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2013/09/13 10:01:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/09/12 03:34:44 | 000,371,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/09/12 01:16:22 | 327,547,948 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/09/10 08:30:33 | 000,643,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/09/10 08:30:33 | 000,119,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/09/04 05:26:25 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/08/26 01:24:07 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk [2013/08/21 21:29:02 | 000,770,344 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013/08/21 21:29:02 | 000,369,584 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013/08/21 21:29:02 | 000,175,176 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys [2013/08/21 21:29:02 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013/08/21 21:29:02 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013/08/21 21:29:02 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013/08/21 21:28:47 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/08/21 21:28:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/08/26 01:23:34 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk [2013/08/21 21:29:02 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013/08/21 21:29:02 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013/08/21 21:29:02 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013/08/21 21:28:47 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/08/21 21:28:42 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013/08/21 21:28:41 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013/05/12 10:30:43 | 000,000,680 | ---- | C] () -- C:\Users\Peyrot's Desktop\AppData\Local\d3d9caps.dat [2013/05/06 20:17:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2013/05/06 20:17:03 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2013/05/05 21:51:26 | 000,207,080 | ---- | C] () -- C:\Windows\hpoins46.dat [2013/05/05 16:04:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013/05/05 15:51:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2013/05/05 15:50:04 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI [2012/11/16 16:01:04 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012/11/16 12:37:32 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013/05/12 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\Azureus [2013/05/05 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\Curse Advertising [2013/05/17 13:18:57 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\KeePass [2013/05/05 19:15:42 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\Leadertech [2013/05/12 16:00:26 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\player [2013/09/06 09:40:05 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\PureEdge [2013/05/12 12:55:44 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\SearchProtect [2013/05/11 08:34:50 | 000,000,000 | ---D | M] -- C:\Users\Peyrot's Desktop\AppData\Roaming\Western Digital [color=#E56717]========== Purity Check ==========[/color] < End of report >