Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Complete Slowdown [Closed]

Started by cpu1006 , Jun 17 2013 01:06 AM

  • This topic is locked This topic is locked

#1
cpu1006
Posted 17 June 2013 - 01:06 AM

cpu1006

    New Member

  • Member
  • Pip
  • 8 posts
Dear Geeks To Go Forums. As you may have seen by the title, I am in trouble. My entire computer Is slower than it should EVER be. I encountered this problem a week ago, and I have No idea of what caused it. Loading files, browsing in Google Chrome, Playing games, are all un-enjoyable, because it takes ten minutes to load each thing, with lag in the process. here is my OTL log


OTL logfile created on: 6/16/2013 11:06:24 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.46 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 40.55% Memory free
5.03 Gb Paging File | 2.20 Gb Available in Paging File | 43.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.53 Gb Total Space | 382.78 Gb Free Space | 86.50% Space Free | Partition Type: NTFS

Computer Name: SAMSUNGLAPTOP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/16 22:53:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/06 15:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/05/28 22:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
PRC - [2013/05/15 12:08:46 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/13 00:49:50 | 001,268,472 | ---- | M] (Bogdan Sharkov) -- C:\Program Files (x86)\Clownfish\Clownfish.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/07 23:18:34 | 002,852,640 | ---- | M] (Conduit) -- C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/04/25 16:22:36 | 001,648,264 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2013/04/23 00:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/23 00:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/04/11 07:28:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/18 12:52:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/01/06 14:20:00 | 000,107,520 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2012/12/23 20:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/10/18 06:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files (x86)\OtShot\otshot.exe
PRC - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2012/09/05 00:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2012/09/05 00:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012/08/15 04:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/07/03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/06/07 20:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/01/23 15:25:14 | 000,097,696 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
PRC - [2012/01/23 15:24:56 | 008,119,200 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
PRC - [2012/01/23 15:24:48 | 008,873,376 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
PRC - [2012/01/23 14:59:04 | 000,046,080 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
PRC - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysWOW64\cypxsrv10.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/12 17:15:23 | 013,140,872 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/06/06 15:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/05/28 22:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/28 22:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/28 22:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/28 22:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/28 22:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/15 15:09:57 | 012,700,160 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6c54b85a401b0379a9b775a644fad1b7\System.Windows.Forms.ni.dll
MOD - [2013/05/15 15:05:09 | 003,910,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1058660861056b038fbc9274994c8b75\WindowsBase.ni.dll
MOD - [2013/05/15 15:04:47 | 006,998,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\024a883cc8b0013f72a77d594c278f4d\System.Core.ni.dll
MOD - [2013/05/06 18:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/03/26 17:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/02/15 17:46:16 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll
MOD - [2013/02/15 17:45:23 | 001,631,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll
MOD - [2013/02/15 17:45:00 | 000,467,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll
MOD - [2013/02/15 17:44:59 | 018,542,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll
MOD - [2013/02/15 17:44:46 | 010,926,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll
MOD - [2013/02/15 17:44:27 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll
MOD - [2013/02/15 17:44:19 | 016,544,768 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/18 06:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files (x86)\OtShot\otshot.exe
MOD - [2012/09/05 00:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2012/09/05 00:50:22 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2012/09/05 00:50:16 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2012/09/05 00:50:10 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2012/09/05 00:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2012/07/25 20:19:17 | 000,751,616 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSEngine.dll
MOD - [2012/07/25 20:19:17 | 000,615,424 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSLoc.dll
MOD - [2012/06/07 20:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/06/07 19:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/05/29 23:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\wincfi39.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 01:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 18:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 16:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 02:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 23:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/12 16:45:36 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/07 21:59:52 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/07 21:59:44 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 10:34:27 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013/05/15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/11 07:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/20 18:45:14 | 000,746,392 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/06 14:20:00 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Owner\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2012/12/23 20:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012/12/05 20:44:14 | 000,231,552 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/29 11:56:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cypxsrv10.exe -- (cypherix10service)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/21 12:29:36 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/04/08 22:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 03:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 03:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 03:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 03:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/02 04:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 00:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/30 20:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/01/30 20:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/01/28 18:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 18:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/01/28 18:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/28 16:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/21 19:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/05 20:25:20 | 000,576,152 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/05 20:25:18 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,222,360 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hid.sys -- (BTATH_HID)
DRV:64bit: - [2012/12/05 20:25:16 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/05 20:25:14 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/05 20:25:14 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/05 20:25:14 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/05 20:25:14 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/11/29 11:56:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/11/29 11:56:30 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 19:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/11/15 19:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/16 19:02:04 | 000,457,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 00:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 00:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 00:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 00:15:20 | 003,653,632 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/09/12 18:21:24 | 010,315,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/12 16:22:04 | 000,370,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/09/02 21:16:38 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/09/02 21:16:36 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/08/21 12:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012/07/31 00:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/27 05:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/09 05:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/06/24 18:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/23 06:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/20 11:45:12 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/18 03:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/14 22:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/01/18 10:00:00 | 000,102,656 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\cypxdv10.sys -- (cypxdv10)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\hamachi.sys -- (hamachi)
DRV - [2013/06/06 19:39:34 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2012/08/17 18:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\EX64.SYS -- (NAVEX15)
DRV - [2012/08/17 18:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\ENG64.SYS -- (NAVENG)
DRV - [2012/08/10 10:34:04 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20120811.001\IDSVia64.sys -- (IDSVia64)
DRV - [2012/08/10 10:28:34 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20120815.002\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}
IE:64bit: - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}
IE - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3227981
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{059D85AB-FAFC-4F81-902D-061282C5CF18}: "URL" = http://search.yahoo....02,17118,0,25,0
IE - HKCU\..\SearchScopes\{3F575F21-7961-489B-8B07-74F7F7B70C4B}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{6F481A34-79B4-4D48-8440-4660B0687EBB}: "URL" = http://search.condui...4432875821&UM=2
IE - HKCU\..\SearchScopes\{EB030F0E-2D97-4C69-A723-EC9684CA6BBA}: "URL" = http://websearch.ask...3D-710CABEAA990
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/04/08 14:57:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013/05/21 14:39:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013/06/16 22:26:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/04/08 14:57:05 | 000,000,000 | ---D | M]

[2013/04/08 14:57:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2013/04/08 14:57:05 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms}
CHR - homepage: http://www.search.as...N10111cr&gct=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Ask Toolbar = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaancpgahgbfdfppkbiflhbfhfbeoeh\7.15.25.45611_0\
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: LessTabs = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekmkdkefndbeciggfanobcemjnppbbb\1.7.1.0_0\
CHR - Extension: SpeedAnalysis.com = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.1\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: RealDownloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: KeyBar 1.6 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonndllmbldmmoefheenkmgkencnkdkh\10.16.1.521_0\
CHR - Extension: Norton Identity Protection = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: appbario7 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh\10.15.2.523_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/07/25 22:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {2F7B9D4C-DE5F-4003-6076-0EBC120ACA7F} - No CLSID value found.
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (LessTabs) - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll (LessTabs)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (KeyBar 1.6 Toolbar) - {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 1.6 Toolbar) - {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll萀 File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.6 Toolbar) - {65F9F6B7-2DAE-46FC-BFAF-F88E4AF1BECA} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll萀 File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKCU..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26CB76FA-6D03-4545-8CD0-F5CEC635BECE}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8334FFF6-FF92-49CE-98B5-740C1C246F26}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell - "" = AutoRun
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell\AutoRun\command - "" = "F:\MotorolaDeviceManagerSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/25 08:37:04 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/12/25 03:20:54 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/12/25 03:20:54 | 000,796,760 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013/12/25 03:20:54 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013/12/25 03:20:54 | 000,433,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnets.sys
[2013/12/25 03:20:54 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys
[2013/12/25 03:20:54 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.sys
[2013/12/25 03:20:53 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys
[2013/12/25 03:20:53 | 000,169,048 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys
[2013/12/25 03:20:29 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1404000.028
[2013/06/16 22:26:01 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/06/15 00:38:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/12 16:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/06/12 15:42:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\GAMES
[2013/06/10 00:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\beyboo2
[2013/06/10 00:21:12 | 000,102,656 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysNative\drivers\cypxdv10.sys
[2013/06/10 00:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cypherix 10
[2013/06/10 00:21:11 | 001,055,072 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysWow64\cypxsrv10.exe
[2013/06/10 00:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cypherix LE 10
[2013/06/09 22:28:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\2010-11-26 001
[2013/06/07 22:01:22 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/06 19:41:24 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/06 19:41:23 | 000,100,680 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/05/27 12:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/05/27 12:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/05/27 12:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LessTabs
[2013/05/26 13:48:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2013/05/26 13:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/26 13:47:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/05/24 02:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/05/22 22:58:01 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys
[2013/05/22 22:58:01 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys
[2013/05/22 22:58:01 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds64.sys
[2013/05/22 22:58:01 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnets.sys
[2013/05/22 22:58:01 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys
[2013/05/22 22:58:01 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys
[2013/05/22 22:58:01 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys
[2013/05/22 22:58:01 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam.sys
[2013/05/22 22:57:37 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1403010.016
[2013/05/21 14:44:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\update [bleep]
[2013/05/21 14:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013/05/21 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Atheros
[2013/05/21 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/05/21 12:29:36 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/05/21 12:28:01 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2013/05/21 12:27:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/05/21 12:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/05/21 12:27:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athw8x.sys
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\athw8x.sys
[2013/05/21 12:20:37 | 000,135,832 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_rcp.sys
[2013/05/21 12:20:36 | 000,077,464 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_lwflt.sys
[2013/05/21 12:20:35 | 000,222,360 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hid.sys
[2013/05/21 12:20:35 | 000,178,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hcrp.sys
[2013/05/21 12:20:33 | 000,344,216 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_a2dp.sys
[2013/05/21 12:20:33 | 000,114,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_avdt.sys
[2013/05/21 12:20:33 | 000,088,728 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_flt.sys
[2013/05/21 12:20:32 | 000,576,152 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btfilter.sys
[2013/05/21 12:20:29 | 000,033,944 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_bus.sys
[2013/05/21 12:19:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2013/05/21 12:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\QCA_Bluetooth
[2013/05/21 12:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2013/05/21 12:14:13 | 000,690,832 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt630x64.sys
[2013/05/21 11:10:06 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[2013/05/21 11:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/05/21 10:57:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AppEx Networks
[2013/05/21 10:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI WinFlash
[2013/05/21 10:45:52 | 000,199,008 | ---- | C] (AppEx Networks Corporation) -- C:\windows\SysNative\drivers\appexDrv.sys
[2013/05/21 10:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\AMD Quick Stream
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/05/21 10:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013/05/21 10:40:23 | 000,534,528 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2013/05/21 10:40:23 | 000,239,616 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2013/05/21 10:40:23 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2013/05/21 10:40:23 | 000,070,144 | ---- | C] (AMD) -- C:\windows\SysNative\coinst_8.982.10.5.dll
[2013/05/21 10:40:23 | 000,021,504 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2013/05/21 10:40:23 | 000,000,000 | ---D | C] -- C:\CIMTEMP
[2013/01/18 12:42:09 | 000,846,256 | ---- | C] (PrivitizeVPN) -- C:\Program Files (x86)\ScribbleNautsUnlimitedTorrent.exe
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/16 23:19:09 | 000,000,222 | ---- | M] () -- C:\Users\Owner\Desktop\APB Reloaded.url
[2013/06/16 23:18:17 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/16 22:36:54 | 004,162,090 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/06/16 22:36:54 | 001,243,868 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/06/16 22:36:54 | 000,005,388 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/06/16 22:27:01 | 002,296,471 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013/06/16 22:26:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/06/16 22:25:20 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/16 22:24:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/06/16 22:24:11 | 2975,514,624 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/12 17:41:50 | 000,281,872 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/12 17:41:45 | 000,281,872 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/12 16:08:05 | 000,281,288 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2013/06/10 00:23:29 | 104,857,600 | ---- | M] () -- C:\Users\Owner\Documents\cxl1705
[2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/07 21:59:44 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/06/07 21:59:44 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIport.dll
[2013/06/06 19:39:17 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/03 23:34:29 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/05/26 19:01:53 | 000,006,509 | ---- | M] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/24 02:37:09 | 000,000,044 | ---- | M] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/23 19:09:47 | 000,008,063 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/05/22 22:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/05/22 22:25:28 | 000,007,587 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/05/22 22:25:28 | 000,003,434 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/05/21 14:36:00 | 000,427,272 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 12:29:36 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/05/21 12:29:36 | 000,007,466 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/05/21 12:29:36 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/05/21 11:01:50 | 000,001,915 | ---- | M] () -- C:\Users\Owner\Desktop\Clownfish.lnk
[2013/05/21 10:56:22 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[2013/05/20 22:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013/05/20 22:02:00 | 000,002,852 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013/05/20 21:40:20 | 000,008,067 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/25 03:20:54 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam64.cat
[2013/12/25 03:20:54 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet64.cat
[2013/12/25 03:20:54 | 000,007,589 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.cat
[2013/12/25 03:20:54 | 000,007,587 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/12/25 03:20:54 | 000,003,434 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/12/25 03:20:54 | 000,002,852 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013/12/25 03:20:54 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet.inf
[2013/12/25 03:20:54 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013/12/25 03:20:54 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.inf
[2013/12/25 03:20:54 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.inf
[2013/12/25 03:20:53 | 000,007,667 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.cat
[2013/12/25 03:20:53 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.cat
[2013/12/25 03:20:53 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.inf
[2013/12/25 03:20:53 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.inf
[2013/12/25 03:20:29 | 000,014,818 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symvtcer.dat
[2013/12/25 03:20:29 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013/12/25 03:20:29 | 000,008,063 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/12/25 03:20:29 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/06/16 23:19:08 | 000,000,222 | ---- | C] () -- C:\Users\Owner\Desktop\APB Reloaded.url
[2013/06/12 17:41:56 | 000,281,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/12 16:08:09 | 000,281,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 16:03:36 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/10 00:23:23 | 104,857,600 | ---- | C] () -- C:\Users\Owner\Documents\cxl1705
[2013/05/26 19:01:53 | 000,006,509 | ---- | C] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/26 18:56:12 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn.lnk
[2013/05/26 18:43:34 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion Document Converter.lnk
[2013/05/26 13:44:28 | 002,296,471 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013/05/24 02:37:09 | 000,000,044 | ---- | C] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/24 02:09:46 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/05/22 22:58:01 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam64.cat
[2013/05/22 22:58:01 | 000,007,611 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.cat
[2013/05/22 22:58:01 | 000,007,601 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnet64.cat
[2013/05/22 22:58:01 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\iron.cat
[2013/05/22 22:58:01 | 000,007,589 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.cat
[2013/05/22 22:58:01 | 000,007,587 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa64.cat
[2013/05/22 22:58:01 | 000,007,585 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.cat
[2013/05/22 22:58:01 | 000,007,581 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds64.cat
[2013/05/22 22:58:01 | 000,003,434 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa.inf
[2013/05/22 22:58:01 | 000,002,852 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds.inf
[2013/05/22 22:58:01 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnet.inf
[2013/05/22 22:58:01 | 000,001,438 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.inf
[2013/05/22 22:58:01 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.inf
[2013/05/22 22:58:01 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam.inf
[2013/05/22 22:58:01 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.inf
[2013/05/22 22:58:01 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\iron.inf
[2013/05/22 22:57:37 | 000,014,818 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symvtcer.dat
[2013/05/22 22:57:37 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\isolate.ini
[2013/05/21 14:43:13 | 000,001,206 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
[2013/05/21 14:35:40 | 000,427,272 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 12:29:36 | 000,007,466 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/05/21 12:29:36 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/05/21 12:23:53 | 000,331,272 | ---- | C] () -- C:\windows\SysNative\athw8x.inf
[2013/05/21 12:23:53 | 000,080,062 | ---- | C] () -- C:\windows\SysNative\athw8x.cat
[2013/05/21 11:10:06 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/05/21 10:56:22 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysWow64\atiapfxx.blb
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2013/05/21 10:40:23 | 000,038,316 | ---- | C] () -- C:\windows\atiogl.xml
[2013/05/21 10:38:22 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/03/02 09:06:15 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut (2).lnk
[2013/03/02 09:05:55 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut.lnk
[2013/01/10 15:24:50 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012/12/14 14:18:44 | 000,002,987 | ---- | C] () -- C:\Users\Owner\Nero Burning ROM 10.lnk
[2012/09/20 00:25:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/08/07 19:10:24 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/08/07 19:10:24 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 07:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2011/09/12 03:06:18 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/12/27 14:38:07 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/05 23:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/05 22:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 20:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/17 09:28:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2013/03/20 19:04:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.spoutcraft
[2012/12/14 18:00:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2013
[2013/01/18 12:51:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2013/01/06 14:20:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DefaultTab
[2013/03/21 09:32:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\File Scout
[2013/03/23 12:28:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Minecraft Version Changer
[2013/01/18 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2013/04/12 19:13:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PerformerSoft
[2013/02/02 15:31:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Raptr
[2013/05/21 12:32:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/02/13 18:02:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2013/04/12 19:08:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SearchProtect
[2013/04/08 14:57:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SpeedanAlysis
[2012/12/14 13:41:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Synaptics
[2013/05/03 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2013/05/03 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TS3Client
[2012/12/14 17:56:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2013/05/03 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tunngle

========== Purity Check ==========



< End of report >


Please respond ASAP I would Highly respect and appreciate it - Phil
  • 0

Advertisements

#2
Phel
Posted 17 June 2013 - 12:37 PM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, cpu1006 and welcome to GeeksToGo!

You can call me Phel and today I will try to help you with your trouble.

Please, read these instructions carefully, because they contain some very useful information.

Please, let me know, if you don't understand something. It is really important to understand any instruction. Also, please read all instructions carefully before performing them. Feel free to ask questions, if you aren't sure.

Please, be patient. You should stay here until your computer will become really clean. Malware Removal isn't very fast procedure, it usually has multiple steps, but result should be glad.;)

Please, wait for a while now, currently I'm analyzing your logs. Please note, that my answers could come with a slight delay, because they are checked by my teacher.
  • 0

#3
Phel
Posted 18 June 2013 - 01:14 AM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hey,

Please, follow these steps:

Step 1. Uninstall Chrome extensions.

  • Launch your Google Chrome browser.
  • In the address bar type the following:

    chrome:extensions
  • Extension list will appear.
  • Find there Wajam, LessTabs, Ask Toolbar, KeyBar 1.6, appbario7 extensions.
  • Click on the recycle bin icon near them (uninstall them).
  • Restart your browser.

Step 2. Changing Chrome Search provider and Homepage.

Your current Chrome Search provider and Homepage are malicious.

Please, follow this instruction and set your Search provider to www.google.com or to something else, what you you want. For Home page, please, follow this instruction.

Step 3. AdwCleaner scan.

  • Please, download AdwCleaner from here to your Desktop.
  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • Computer will be rebooted automatically, when program will finish it's job.
  • After fix Notepad window with report should appear. Post the contents of the report in your next message.

Step 4. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
SRV - [2013/04/11 07:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/01/06 14:20:00 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Owner\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
IE - HKLM\..\URLSearchHook: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3227981
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (no name) - {2F7B9D4C-DE5F-4003-6076-0EBC120ACA7F} - No CLSID value found.
O2 - BHO: (LessTabs) - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll (LessTabs)
O2 - BHO: (KeyBar 1.6 Toolbar) - {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (KeyBar 1.6 Toolbar) - {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll萀 File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.6 Toolbar) - {65F9F6B7-2DAE-46FC-BFAF-F88E4AF1BECA} - C:\Program Files (x86)\KeyBar_1.6\prxtbKeyB.dll萀 File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe ()
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
[2013/05/27 12:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LessTabs
[2013/01/06 14:20:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DefaultTab
[2013/04/12 19:08:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SearchProtect
[2013/01/18 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2013/04/12 19:13:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PerformerSoft
[2013/03/21 09:32:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\File Scout

:Files
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\KeyBar_1.6
C:\Program Files (x86)\OtShot
C:\Program Files (x86)\SearchProtect
C:\ProgramData\WeCareReminder
C:\Program Files (x86)\Wajam

:Commands
[EMPTYTEMP]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

How your computer is running now?

So, please, don't forget to post in your next message:

  • AdwCleaner log
  • OTL log

  • 0

#4
cpu1006
Posted 19 June 2013 - 03:58 AM

cpu1006

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
My performance has increased slightly, and thank you for your time and efforts. Here is my OTL log

OTL logfile created on: 6/18/2013 1:21:46 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.46 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 65.98% Memory free
5.03 Gb Paging File | 3.74 Gb Available in Paging File | 74.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.53 Gb Total Space | 377.54 Gb Free Space | 85.31% Space Free | Partition Type: NTFS

Computer Name: SAMSUNGLAPTOP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/18 13:03:40 | 000,648,201 | ---- | M] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
PRC - [2013/06/16 22:53:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/06 15:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
PRC - [2013/05/15 12:08:46 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/13 00:49:50 | 001,268,472 | ---- | M] (Bogdan Sharkov) -- C:\Program Files (x86)\Clownfish\Clownfish.exe
PRC - [2013/05/10 00:57:32 | 000,037,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 00:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/23 00:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/18 12:52:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/12 18:22:22 | 000,642,216 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2012/09/05 00:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2012/09/05 00:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012/08/15 04:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/06/07 20:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/01/23 15:25:14 | 000,097,696 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
PRC - [2012/01/23 15:24:48 | 008,873,376 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
PRC - [2012/01/23 14:59:04 | 000,046,080 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
PRC - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysWOW64\cypxsrv10.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/18 13:03:40 | 000,648,201 | ---- | M] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
MOD - [2013/06/06 15:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/05/06 18:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/03/26 17:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/09/05 00:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2012/09/05 00:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2012/07/25 20:19:17 | 000,751,616 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSEngine.dll
MOD - [2012/07/25 20:19:17 | 000,615,424 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSLoc.dll
MOD - [2012/06/07 20:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/06/07 19:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 01:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 18:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 16:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 02:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 23:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/12 16:45:36 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/07 21:59:52 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/07 21:59:44 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 10:34:27 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013/05/15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/20 18:45:14 | 000,746,392 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 20:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Start_Pending] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012/12/05 20:44:14 | 000,231,552 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/29 11:56:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cypxsrv10.exe -- (cypherix10service)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/21 12:29:36 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/04/08 22:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 03:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 03:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 03:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 03:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/02 04:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 00:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/30 20:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/01/30 20:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/01/28 18:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 18:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/01/28 18:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/28 16:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/21 19:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/05 20:25:20 | 000,576,152 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/05 20:25:18 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,222,360 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hid.sys -- (BTATH_HID)
DRV:64bit: - [2012/12/05 20:25:16 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/05 20:25:14 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/05 20:25:14 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/05 20:25:14 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/05 20:25:14 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/11/29 11:56:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/11/29 11:56:30 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 19:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/11/15 19:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/16 19:02:04 | 000,457,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 00:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 00:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 00:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 00:15:20 | 003,653,632 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/09/12 18:21:24 | 010,315,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/12 16:22:04 | 000,370,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/09/02 21:16:38 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/09/02 21:16:36 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/08/21 12:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012/07/31 00:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/27 05:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/09 05:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/06/24 18:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/23 06:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/20 11:45:12 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/18 03:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/14 22:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/01/18 10:00:00 | 000,102,656 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\cypxdv10.sys -- (cypxdv10)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\hamachi.sys -- (hamachi)
DRV - [2013/06/06 19:39:34 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2012/08/17 18:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\EX64.SYS -- (NAVEX15)
DRV - [2012/08/17 18:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\ENG64.SYS -- (NAVENG)
DRV - [2012/08/10 10:34:04 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20120811.001\IDSVia64.sys -- (IDSVia64)
DRV - [2012/08/10 10:28:34 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20120815.002\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{059D85AB-FAFC-4F81-902D-061282C5CF18}: "URL" = http://search.yahoo....02,17118,0,25,0
IE - HKCU\..\SearchScopes\{3F575F21-7961-489B-8B07-74F7F7B70C4B}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{6F481A34-79B4-4D48-8440-4660B0687EBB}: "URL" = http://search.condui...4432875821&UM=2
IE - HKCU\..\SearchScopes\{EB030F0E-2D97-4C69-A723-EC9684CA6BBA}: "URL" = http://websearch.ask...3D-710CABEAA990
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013/05/21 14:39:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013/06/16 22:26:50 | 000,000,000 | ---D | M]

[2013/04/08 14:57:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2013/04/08 14:57:05 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - Extension: RealDownloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: KeyBar 1.6 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonndllmbldmmoefheenkmgkencnkdkh\10.15.2.23_0\
CHR - Extension: Norton Identity Protection = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: appbario7 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh\10.14.40.128_0\

O1 HOSTS File: ([2012/07/25 22:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKCU..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26CB76FA-6D03-4545-8CD0-F5CEC635BECE}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8334FFF6-FF92-49CE-98B5-740C1C246F26}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell - "" = AutoRun
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell\AutoRun\command - "" = "F:\MotorolaDeviceManagerSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/25 08:37:04 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/12/25 03:20:54 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/12/25 03:20:54 | 000,796,760 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013/12/25 03:20:54 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013/12/25 03:20:54 | 000,433,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnets.sys
[2013/12/25 03:20:54 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys
[2013/12/25 03:20:54 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.sys
[2013/12/25 03:20:53 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys
[2013/12/25 03:20:53 | 000,169,048 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys
[2013/12/25 03:20:29 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1404000.028
[2013/06/18 13:23:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\gtg
[2013/06/18 13:21:35 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/06/18 13:16:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/17 01:16:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Skyrim
[2013/06/15 00:38:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/12 16:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/06/12 15:42:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\GAMES
[2013/06/10 00:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\beyboo2
[2013/06/10 00:21:12 | 000,102,656 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysNative\drivers\cypxdv10.sys
[2013/06/10 00:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cypherix 10
[2013/06/10 00:21:11 | 001,055,072 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysWow64\cypxsrv10.exe
[2013/06/10 00:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cypherix LE 10
[2013/06/09 22:28:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\2010-11-26 001
[2013/06/07 22:01:22 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/06 19:41:24 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/06 19:41:23 | 000,100,680 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/05/27 12:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/05/27 12:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/05/26 13:48:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2013/05/26 13:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/26 13:47:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/05/24 02:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/05/22 22:58:01 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys
[2013/05/22 22:58:01 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys
[2013/05/22 22:58:01 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds64.sys
[2013/05/22 22:58:01 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnets.sys
[2013/05/22 22:58:01 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys
[2013/05/22 22:58:01 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys
[2013/05/22 22:58:01 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys
[2013/05/22 22:58:01 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam.sys
[2013/05/22 22:57:37 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1403010.016
[2013/05/21 14:44:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\update [bleep]
[2013/05/21 14:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013/05/21 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Atheros
[2013/05/21 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/05/21 12:29:36 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/05/21 12:28:01 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2013/05/21 12:27:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/05/21 12:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/05/21 12:27:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athw8x.sys
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\athw8x.sys
[2013/05/21 12:20:37 | 000,135,832 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_rcp.sys
[2013/05/21 12:20:36 | 000,077,464 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_lwflt.sys
[2013/05/21 12:20:35 | 000,222,360 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hid.sys
[2013/05/21 12:20:35 | 000,178,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hcrp.sys
[2013/05/21 12:20:33 | 000,344,216 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_a2dp.sys
[2013/05/21 12:20:33 | 000,114,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_avdt.sys
[2013/05/21 12:20:33 | 000,088,728 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_flt.sys
[2013/05/21 12:20:32 | 000,576,152 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btfilter.sys
[2013/05/21 12:20:29 | 000,033,944 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_bus.sys
[2013/05/21 12:19:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2013/05/21 12:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\QCA_Bluetooth
[2013/05/21 12:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2013/05/21 12:14:13 | 000,690,832 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt630x64.sys
[2013/05/21 11:10:06 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[2013/05/21 11:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/05/21 10:57:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AppEx Networks
[2013/05/21 10:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI WinFlash
[2013/05/21 10:45:52 | 000,199,008 | ---- | C] (AppEx Networks Corporation) -- C:\windows\SysNative\drivers\appexDrv.sys
[2013/05/21 10:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\AMD Quick Stream
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/05/21 10:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013/05/21 10:40:23 | 000,534,528 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2013/05/21 10:40:23 | 000,239,616 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2013/05/21 10:40:23 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2013/05/21 10:40:23 | 000,070,144 | ---- | C] (AMD) -- C:\windows\SysNative\coinst_8.982.10.5.dll
[2013/05/21 10:40:23 | 000,021,504 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2013/05/21 10:40:23 | 000,000,000 | ---D | C] -- C:\CIMTEMP
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/18 13:25:53 | 004,257,542 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/06/18 13:25:53 | 001,274,696 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/06/18 13:25:53 | 000,005,388 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/06/18 13:24:43 | 002,308,669 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013/06/18 13:21:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/06/18 13:20:54 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/18 13:18:58 | 2975,514,624 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/18 13:18:58 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/06/18 13:17:08 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/18 13:03:40 | 000,648,201 | ---- | M] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/06/17 17:59:34 | 000,290,776 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2013/06/17 17:59:34 | 000,290,776 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/16 23:19:09 | 000,000,222 | ---- | M] () -- C:\Users\Owner\Desktop\APB Reloaded.url
[2013/06/12 17:41:50 | 000,281,872 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/10 00:23:29 | 104,857,600 | ---- | M] () -- C:\Users\Owner\Documents\cxl1705
[2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/07 21:59:44 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/06/07 21:59:44 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIport.dll
[2013/06/06 19:39:17 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/03 23:34:29 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/05/26 19:01:53 | 000,006,509 | ---- | M] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/24 02:37:09 | 000,000,044 | ---- | M] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/23 19:09:47 | 000,008,063 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/05/22 22:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/05/22 22:25:28 | 000,007,587 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/05/22 22:25:28 | 000,003,434 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/05/21 14:36:00 | 000,427,272 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 12:29:36 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/05/21 12:29:36 | 000,007,466 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/05/21 12:29:36 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/05/21 11:01:50 | 000,001,915 | ---- | M] () -- C:\Users\Owner\Desktop\Clownfish.lnk
[2013/05/21 10:56:22 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[2013/05/20 22:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013/05/20 22:02:00 | 000,002,852 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013/05/20 21:40:20 | 000,008,067 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/25 03:20:54 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam64.cat
[2013/12/25 03:20:54 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet64.cat
[2013/12/25 03:20:54 | 000,007,589 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.cat
[2013/12/25 03:20:54 | 000,007,587 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/12/25 03:20:54 | 000,003,434 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/12/25 03:20:54 | 000,002,852 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013/12/25 03:20:54 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet.inf
[2013/12/25 03:20:54 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013/12/25 03:20:54 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.inf
[2013/12/25 03:20:54 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.inf
[2013/12/25 03:20:53 | 000,007,667 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.cat
[2013/12/25 03:20:53 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.cat
[2013/12/25 03:20:53 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.inf
[2013/12/25 03:20:53 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.inf
[2013/12/25 03:20:29 | 000,014,818 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symvtcer.dat
[2013/12/25 03:20:29 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013/12/25 03:20:29 | 000,008,063 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/12/25 03:20:29 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/06/18 13:03:37 | 000,648,201 | ---- | C] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/06/17 17:59:40 | 000,290,776 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/16 23:19:08 | 000,000,222 | ---- | C] () -- C:\Users\Owner\Desktop\APB Reloaded.url
[2013/06/12 17:41:56 | 000,281,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 16:03:36 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/10 00:23:23 | 104,857,600 | ---- | C] () -- C:\Users\Owner\Documents\cxl1705
[2013/05/26 19:01:53 | 000,006,509 | ---- | C] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/26 18:56:12 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn.lnk
[2013/05/26 18:43:34 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion Document Converter.lnk
[2013/05/26 13:44:28 | 002,308,669 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013/05/24 02:37:09 | 000,000,044 | ---- | C] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/24 02:09:46 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/05/22 22:58:01 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam64.cat
[2013/05/22 22:58:01 | 000,007,611 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.cat
[2013/05/22 22:58:01 | 000,007,601 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnet64.cat
[2013/05/22 22:58:01 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\iron.cat
[2013/05/22 22:58:01 | 000,007,589 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.cat
[2013/05/22 22:58:01 | 000,007,587 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa64.cat
[2013/05/22 22:58:01 | 000,007,585 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.cat
[2013/05/22 22:58:01 | 000,007,581 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds64.cat
[2013/05/22 22:58:01 | 000,003,434 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symefa.inf
[2013/05/22 22:58:01 | 000,002,852 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symds.inf
[2013/05/22 22:58:01 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symnet.inf
[2013/05/22 22:58:01 | 000,001,438 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtsp64.inf
[2013/05/22 22:58:01 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\srtspx64.inf
[2013/05/22 22:58:01 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symelam.inf
[2013/05/22 22:58:01 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.inf
[2013/05/22 22:58:01 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\iron.inf
[2013/05/22 22:57:37 | 000,014,818 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\symvtcer.dat
[2013/05/22 22:57:37 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1403010.016\isolate.ini
[2013/05/21 14:43:13 | 000,001,206 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
[2013/05/21 14:35:40 | 000,427,272 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 12:29:36 | 000,007,466 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/05/21 12:29:36 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/05/21 12:23:53 | 000,331,272 | ---- | C] () -- C:\windows\SysNative\athw8x.inf
[2013/05/21 12:23:53 | 000,080,062 | ---- | C] () -- C:\windows\SysNative\athw8x.cat
[2013/05/21 11:10:06 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/05/21 10:56:22 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysWow64\atiapfxx.blb
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2013/05/21 10:40:23 | 000,038,316 | ---- | C] () -- C:\windows\atiogl.xml
[2013/05/21 10:38:22 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/03/02 09:06:15 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut (2).lnk
[2013/03/02 09:05:55 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut.lnk
[2013/01/10 15:24:50 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012/12/14 14:18:44 | 000,002,987 | ---- | C] () -- C:\Users\Owner\Nero Burning ROM 10.lnk
[2012/09/20 00:25:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/08/07 19:10:24 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/08/07 19:10:24 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 07:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2011/09/12 03:06:18 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/12/27 14:38:07 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/05 23:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/05 22:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 20:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/17 09:28:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2013/03/20 19:04:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.spoutcraft
[2012/12/14 18:00:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2013
[2013/01/18 12:51:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2013/03/23 12:28:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Minecraft Version Changer
[2013/02/02 15:31:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Raptr
[2013/05/21 12:32:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/02/13 18:02:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2012/12/14 13:41:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Synaptics
[2013/05/03 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2013/05/03 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TS3Client
[2012/12/14 17:56:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2013/05/03 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tunngle

========== Purity Check ==========



< End of report >


here is my ADW log

# AdwCleaner v2.303 - Logfile created 06/18/2013 at 13:21:18
# Updated 08/06/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : Owner - SAMSUNGLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh

***** [Registry] *****

Key Found : HKCU\Software\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Key Found : HKCU\Software\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Key Found : HKCU\Software\Google\Chrome\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lonndllmbldmmoefheenkmgkencnkdkh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmlkabjddkpgkgfhdhpimhcbonapngoh

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1545 octets] - [18/06/2013 13:21:19]
AdwCleaner[S1].txt - [14573 octets] - [18/06/2013 13:06:22]

########## EOF - C:\AdwCleaner[R1].txt - [1666 octets] ##########






By the way, If possible, could you tell me how I got this/these virus'. Pm me if necessary ;P
  • 0

#5
Phel
Posted 19 June 2013 - 09:32 AM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hey,

By the way, If possible, could you tell me how I got this/these virus'.


I'm not sure, that I can answer on this question precisely, but I can assume that you've downloaded legit sofware, which is bundeled with these infections. So, you should always be careful when you're installing software. If installer requests to install suspicious toolbars and/or programs it is better to re-download sotware from trusted sources or find alternatives to installable software.

Please, follow these steps:

Step 1. AdwCleaner scan.

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • Computer will be rebooted automatically, when program will finish it's job.

After reboot:

  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • AdwCleaner window should appear.
  • Click on the Search button.
  • After scan Notepad window with report should appear. Post the contents of the report in your next message.

Step 2. Uninstall Chrome extensions.

  • Launch your Google Chrome browser.
  • In the address bar type the following:

    chrome:extensions
  • Extension list will appear.
  • Find there KeyBar 1.6 and appbario7 extensions.
  • Click on the recycle bin icon near them (uninstall them).
  • Restart your browser.

Step 3. OTL fix.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
IE - HKCU\..\SearchScopes\{3F575F21-7961-489B-8B07-74F7F7B70C4B}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{6F481A34-79B4-4D48-8440-4660B0687EBB}: "URL" = http://search.condui...4432875821&UM=2
IE - HKCU\..\SearchScopes\{EB030F0E-2D97-4C69-A723-EC9684CA6BBA}: "URL" = http://websearch.ask...3D-710CABEAA990
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:Commands
[REBOOT]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Any changes after performing these steps?

So, please, don't forget to post in your next message:

  • AdwCleaner log
  • OTL log

  • 0

#6
cpu1006
Posted 20 June 2013 - 05:47 PM

cpu1006

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ADW

# AdwCleaner v2.303 - Logfile created 06/19/2013 at 23:15:42
# Updated 08/06/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : Owner - SAMSUNGLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1735 octets] - [18/06/2013 13:22:00]
AdwCleaner[R2].txt - [696 octets] - [19/06/2013 23:15:42]
AdwCleaner[S1].txt - [14573 octets] - [18/06/2013 13:06:22]
AdwCleaner[S2].txt - [1630 octets] - [19/06/2013 12:08:02]

########## EOF - C:\AdwCleaner[R2].txt - [876 octets] ##########


OTL

OTL logfile created on: 6/19/2013 11:15:15 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.46 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 50.20% Memory free
5.03 Gb Paging File | 2.94 Gb Available in Paging File | 58.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.53 Gb Total Space | 377.99 Gb Free Space | 85.41% Space Free | Partition Type: NTFS

Computer Name: SAMSUNGLAPTOP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/16 22:53:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/06/14 18:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/06 15:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
PRC - [2013/05/15 12:08:46 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/13 00:49:50 | 001,268,472 | ---- | M] (Bogdan Sharkov) -- C:\Program Files (x86)\Clownfish\Clownfish.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 00:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/23 00:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/18 12:52:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2012/09/05 00:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2012/09/05 00:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012/08/15 04:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/07/03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/06/07 20:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/01/23 15:24:56 | 008,119,200 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
PRC - [2012/01/23 14:59:04 | 000,046,080 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
PRC - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysWOW64\cypxsrv10.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/14 18:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/14 18:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/14 18:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013/06/14 18:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013/06/14 18:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013/06/06 15:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/05/06 18:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/03/26 17:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/09/05 00:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2012/09/05 00:50:22 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2012/09/05 00:50:16 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2012/09/05 00:50:10 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2012/09/05 00:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2012/07/25 20:19:17 | 000,751,616 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSEngine.dll
MOD - [2012/07/25 20:19:17 | 000,615,424 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSLoc.dll
MOD - [2012/06/07 20:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/06/07 19:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/05/29 23:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 01:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 18:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 16:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 02:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 23:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/12 16:45:36 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/06/12 17:41:43 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/07 21:59:52 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/06/07 21:59:44 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 10:34:27 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/20 21:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/05/15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013/05/15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 00:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/20 18:45:14 | 000,746,392 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/05 20:44:14 | 000,231,552 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/05 19:57:52 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/29 11:56:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/05 00:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/01/18 10:00:00 | 001,055,072 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cypxsrv10.exe -- (cypherix10service)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/18 17:09:25 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/05/22 22:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/20 22:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/15 22:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/24 17:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/15 19:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/04/08 22:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/04 18:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/04 18:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/03/02 03:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 03:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 03:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 03:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/02 04:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 00:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/28 18:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 16:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/05 20:25:20 | 000,576,152 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/05 20:25:18 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,222,360 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hid.sys -- (BTATH_HID)
DRV:64bit: - [2012/12/05 20:25:16 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/05 20:25:16 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/05 20:25:14 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/05 20:25:14 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/05 20:25:14 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/05 20:25:14 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/11/29 11:56:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/11/29 11:56:30 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/16 19:02:04 | 000,457,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 00:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 00:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 00:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 00:15:20 | 003,653,632 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/09/12 18:21:24 | 010,315,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/12 16:22:04 | 000,370,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/09/02 21:16:38 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/09/02 21:16:36 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/08/21 12:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/31 11:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012/07/31 00:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/27 05:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/09 05:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/06/24 18:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/23 06:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/20 11:45:12 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/18 03:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/14 22:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/01/18 10:00:00 | 000,102,656 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\cypxdv10.sys -- (cypxdv10)
DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\hamachi.sys -- (hamachi)
DRV - [2013/06/06 19:39:34 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2012/08/17 18:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\EX64.SYS -- (NAVEX15)
DRV - [2012/08/17 18:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20120818.001\ENG64.SYS -- (NAVENG)
DRV - [2012/08/10 10:34:04 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20120811.001\IDSVia64.sys -- (IDSVia64)
DRV - [2012/08/10 10:28:34 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20120815.002\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{19A1DE7B-74BD-4E0D-AFC2-D48CA564CD2B}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{059D85AB-FAFC-4F81-902D-061282C5CF18}: "URL" = http://search.yahoo....02,17118,0,25,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/18 12:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013/06/16 22:26:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013/05/21 14:39:10 | 000,000,000 | ---D | M]

[2013/04/08 14:57:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2013/04/08 14:57:05 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - Extension: RealDownloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Norton Identity Protection = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\

O1 HOSTS File: ([2012/07/25 22:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKCU..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26CB76FA-6D03-4545-8CD0-F5CEC635BECE}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8334FFF6-FF92-49CE-98B5-740C1C246F26}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell - "" = AutoRun
O33 - MountPoints2\{29b40f64-4ebe-11e2-be8c-50b7c353c805}\Shell\AutoRun\command - "" = "F:\MotorolaDeviceManagerSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/25 08:37:04 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/12/25 03:20:54 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/12/25 03:20:54 | 000,796,760 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013/12/25 03:20:54 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013/12/25 03:20:54 | 000,433,752 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnets.sys
[2013/12/25 03:20:54 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys
[2013/12/25 03:20:54 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.sys
[2013/12/25 03:20:53 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys
[2013/12/25 03:20:53 | 000,169,048 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys
[2013/12/25 03:20:29 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1404000.028
[2013/06/19 13:34:58 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/06/18 13:16:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/12 16:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/06/12 15:42:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\GAMES
[2013/06/10 00:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\beyboo2
[2013/06/10 00:21:12 | 000,102,656 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysNative\drivers\cypxdv10.sys
[2013/06/10 00:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cypherix 10
[2013/06/10 00:21:11 | 001,055,072 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\windows\SysWow64\cypxsrv10.exe
[2013/06/10 00:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cypherix LE 10
[2013/06/09 22:28:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\2010-11-26 001
[2013/06/07 22:01:22 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/06 19:41:24 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/06 19:41:23 | 000,100,680 | ---- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/05/27 12:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/05/27 12:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/05/26 13:48:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\windows\SysNative\hamachi.sys
[2013/05/26 13:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/26 13:47:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/05/24 02:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/05/21 14:44:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\update [bleep]
[2013/05/21 14:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013/05/21 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Atheros
[2013/05/21 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/05/21 12:29:36 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/05/21 12:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/05/21 12:28:01 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2013/05/21 12:27:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/05/21 12:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/05/21 12:27:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athw8x.sys
[2013/05/21 12:23:53 | 003,653,632 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\athw8x.sys
[2013/05/21 12:20:37 | 000,135,832 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_rcp.sys
[2013/05/21 12:20:36 | 000,077,464 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_lwflt.sys
[2013/05/21 12:20:35 | 000,222,360 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hid.sys
[2013/05/21 12:20:35 | 000,178,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_hcrp.sys
[2013/05/21 12:20:33 | 000,344,216 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_a2dp.sys
[2013/05/21 12:20:33 | 000,114,840 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_avdt.sys
[2013/05/21 12:20:33 | 000,088,728 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_flt.sys
[2013/05/21 12:20:32 | 000,576,152 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btfilter.sys
[2013/05/21 12:20:29 | 000,033,944 | ---- | C] (Qualcomm Atheros) -- C:\windows\SysNative\drivers\btath_bus.sys
[2013/05/21 12:19:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2013/05/21 12:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\QCA_Bluetooth
[2013/05/21 12:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2013/05/21 12:14:13 | 000,690,832 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt630x64.sys
[2013/05/21 11:10:06 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[2013/05/21 11:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/05/21 10:57:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AppEx Networks
[2013/05/21 10:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI WinFlash
[2013/05/21 10:45:52 | 000,199,008 | ---- | C] (AppEx Networks Corporation) -- C:\windows\SysNative\drivers\appexDrv.sys
[2013/05/21 10:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\AMD Quick Stream
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/05/21 10:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/05/21 10:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013/05/21 10:40:23 | 000,534,528 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2013/05/21 10:40:23 | 000,239,616 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2013/05/21 10:40:23 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2013/05/21 10:40:23 | 000,070,144 | ---- | C] (AMD) -- C:\windows\SysNative\coinst_8.982.10.5.dll
[2013/05/21 10:40:23 | 000,021,504 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2013/05/21 10:40:23 | 000,000,000 | ---D | C] -- C:\CIMTEMP
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/19 23:17:00 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/19 18:29:42 | 004,352,994 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/06/19 18:29:42 | 001,305,524 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/06/19 18:29:42 | 000,005,388 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/06/19 18:24:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/06/19 15:17:01 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/19 13:06:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/06/19 13:06:55 | 2975,514,624 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/19 12:10:49 | 002,308,669 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013/06/19 12:08:02 | 000,000,172 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013/06/18 17:09:25 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/06/18 17:09:25 | 000,007,631 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/06/18 17:09:25 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/06/18 13:44:05 | 000,290,776 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2013/06/18 13:44:05 | 000,290,776 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/18 13:03:40 | 000,648,201 | ---- | M] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/06/17 17:59:34 | 000,290,776 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 17:41:43 | 000,076,888 | ---- | M] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/10 00:23:29 | 104,857,600 | ---- | M] () -- C:\Users\Owner\Documents\cxl1705
[2013/06/07 21:59:44 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll
[2013/06/07 21:59:44 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIinit.dll
[2013/06/07 21:59:44 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIport.dll
[2013/06/06 19:39:17 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/06/03 23:34:29 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/05/26 19:01:53 | 000,006,509 | ---- | M] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/24 02:37:09 | 000,000,044 | ---- | M] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/23 19:09:47 | 000,008,063 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/05/22 22:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013/05/22 22:25:28 | 000,007,587 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/05/22 22:25:28 | 000,003,434 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/05/21 14:36:00 | 000,427,272 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 10:56:22 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[1 C:\Users\Owner\*.tmp files -> C:\Users\Owner\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/25 03:20:54 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam64.cat
[2013/12/25 03:20:54 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet64.cat
[2013/12/25 03:20:54 | 000,007,589 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.cat
[2013/12/25 03:20:54 | 000,007,587 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013/12/25 03:20:54 | 000,003,434 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013/12/25 03:20:54 | 000,002,852 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013/12/25 03:20:54 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symnet.inf
[2013/12/25 03:20:54 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013/12/25 03:20:54 | 000,001,420 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtspx64.inf
[2013/12/25 03:20:54 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symelam.inf
[2013/12/25 03:20:53 | 000,007,667 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.cat
[2013/12/25 03:20:53 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.cat
[2013/12/25 03:20:53 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.inf
[2013/12/25 03:20:53 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\iron.inf
[2013/12/25 03:20:29 | 000,014,818 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symvtcer.dat
[2013/12/25 03:20:29 | 000,008,067 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013/12/25 03:20:29 | 000,008,063 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013/12/25 03:20:29 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013/06/19 12:10:08 | 002,308,669 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013/06/19 12:07:28 | 000,000,172 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013/06/18 13:44:08 | 000,290,776 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013/06/18 13:03:37 | 000,648,201 | ---- | C] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/06/17 17:59:40 | 000,290,776 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013/06/12 16:03:36 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013/06/10 00:23:23 | 104,857,600 | ---- | C] () -- C:\Users\Owner\Documents\cxl1705
[2013/05/26 19:01:53 | 000,006,509 | ---- | C] () -- C:\Users\Owner\AppData\Local\recently-used.xbel
[2013/05/26 18:56:12 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn.lnk
[2013/05/26 18:43:34 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion Document Converter.lnk
[2013/05/24 02:37:09 | 000,000,044 | ---- | C] () -- C:\Users\Owner\.gtk-bookmarks
[2013/05/24 02:09:46 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/05/21 14:43:13 | 000,001,206 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
[2013/05/21 14:35:40 | 000,427,272 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/21 12:29:36 | 000,007,631 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/05/21 12:29:36 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/05/21 12:23:53 | 000,331,272 | ---- | C] () -- C:\windows\SysNative\athw8x.inf
[2013/05/21 12:23:53 | 000,080,062 | ---- | C] () -- C:\windows\SysNative\athw8x.cat
[2013/05/21 11:10:06 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/05/21 10:56:22 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_355V4_P06A.mrk
[2013/05/21 10:45:52 | 000,000,964 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\AMD Quick Stream.lnk
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysWow64\atiapfxx.blb
[2013/05/21 10:40:23 | 000,270,536 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2013/05/21 10:40:23 | 000,038,316 | ---- | C] () -- C:\windows\atiogl.xml
[2013/05/21 10:38:22 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/03/02 09:06:15 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut (2).lnk
[2013/03/02 09:05:55 | 000,000,355 | ---- | C] () -- C:\Users\Owner\Computer - Shortcut.lnk
[2013/01/10 15:24:50 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012/12/14 14:18:44 | 000,002,987 | ---- | C] () -- C:\Users\Owner\Nero Burning ROM 10.lnk
[2012/09/20 00:25:52 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/08/07 19:10:24 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/08/07 19:10:24 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 07:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2011/09/12 03:06:18 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/12/27 14:38:07 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/05 23:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/05 22:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 20:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/17 09:28:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2013/03/20 19:04:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.spoutcraft
[2012/12/14 18:00:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2013
[2013/01/18 12:51:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2013/03/23 12:28:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Minecraft Version Changer
[2013/02/02 15:31:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Raptr
[2013/05/21 12:32:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2013/02/13 18:02:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2012/12/14 13:41:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Synaptics
[2013/05/03 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2013/05/03 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TS3Client
[2012/12/14 17:56:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2013/05/03 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tunngle

========== Purity Check ==========



< End of report >


performance is okay on internet, but still below average on gaming, and viewing files
  • 0

#7
Phel
Posted 21 June 2013 - 12:52 PM

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Please, follow these steps:

Step 1. MBAM scan.

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2. ESET Online Scanner scan.

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

So, please, don't forget to post in your next message:

  • ESET Online Scanner's log
  • MBAM log

  • 0

#8
Essexboy
Posted 07 July 2013 - 03:20 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP