Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

MyPCbackup, linksr pop-up and Toparcadehits virus. Windows 8

Started by granty85 , Aug 09 2013 02:10 AM

Please log in to reply

#1
granty85

Posted 09 August 2013 - 02:10 AM

Member

Member
16 posts

Hi,
Have been reading through a few forum post on trying to rid my laptop of these problems but it gets a bit tricky for me when it comes to registry and stuff like that.

Brand new laptop running Windows 8. Have installed a few programs I always use and rely on, then noticed the MyPCbackup popups. I unistalled MyPCbackup through control panel (though I never installed it in the first place), and then started getting the pop-up window titled linksr as well as the small Toparcadehits pop-up in the bottom right hand cnr of my browser.

I only use Google chrome and I run AVG free, and have also run scans using SuperANTIspyware free and Malwarebytes anti-malware free, both of which found a few things which have been removed but I still get the pop-up windows on most sites I browse with.

Can anyone please help me with either direction to a step by step tutorial or other programs I should run or even some personalised help would be greatly appreciated.

cheers

#2
Phel

Posted 09 August 2013 - 04:11 AM

Trusted Helper

Malware Removal
1,386 posts

Hello, granty85 and welcome to GeeksToGo!

You can call me Phel and today I will help you with your trouble.

Please, read these instructions carefully, because they contain some very useful information.

Please, let me know, if you don't understand something. It is really important to understand any instruction. Also, please read all instructions carefully before performing them. Feel free to ask questions, if you aren't sure.

Please, be patient. You should stay here until your computer will become really clean. Malware Removal isn't very fast procedure, it usually has multiple steps, but result should be glad.

Please note, that my answers could come with a slight delay, because they are checked by my teacher.

To start with I need to get some logs. Please, follow these steps:

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

#3
granty85

Posted 10 August 2013 - 12:55 AM

Member

Topic Starter
Member
16 posts

Hi Phel,

Thanks a lot for your help.

OTL logfile created on: 10/08/2013 4:49:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\micha_000\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.63 Gb Total Physical Memory | 6.02 Gb Available Physical Memory | 78.90% Memory free
15.38 Gb Paging File | 12.91 Gb Available in Paging File | 83.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.66 Gb Total Space | 61.79 Gb Free Space | 28.65% Space Free | Partition Type: NTFS

Computer Name: GRANTYSBABY | User Name: micha_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/10 16:48:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\micha_000\Downloads\OTL.exe
PRC - [2013/07/25 10:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/03/19 15:11:24 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2013/03/19 15:11:16 | 000,085,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2013/03/19 15:10:58 | 002,624,048 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2013/03/15 17:14:16 | 003,303,984 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe
PRC - [2013/03/14 14:14:26 | 002,912,304 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
PRC - [2013/03/07 10:20:50 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/01/27 06:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2013/01/15 04:29:52 | 000,366,040 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2013/01/15 04:29:52 | 000,279,000 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/01/15 04:29:50 | 000,165,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/01/15 04:29:50 | 000,131,032 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/09/30 13:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/09/30 13:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/09/13 18:24:46 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
PRC - [2012/09/13 17:22:20 | 000,649,056 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
PRC - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012/04/03 23:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/07/25 10:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 10:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/25 10:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 10:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 10:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 10:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/03/19 15:11:28 | 000,111,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2013/03/19 15:11:14 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2013/03/19 15:11:02 | 000,060,976 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2013/03/19 15:10:48 | 000,103,984 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2013/03/19 15:10:48 | 000,027,184 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2013/03/15 17:14:16 | 000,192,048 | ---- | M] () -- C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll
MOD - [2012/09/13 18:24:46 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
MOD - [2012/09/13 17:23:32 | 000,499,552 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
MOD - [2012/09/13 17:14:24 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
MOD - [2012/09/13 17:13:46 | 000,473,088 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
MOD - [2012/09/13 17:12:22 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
MOD - [2011/08/17 17:48:24 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
MOD - [2011/08/17 17:48:22 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
MOD - [2011/08/17 17:41:36 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
MOD - [2011/08/15 21:17:30 | 009,224,704 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
MOD - [2011/08/15 21:15:44 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
MOD - [2011/08/15 21:12:04 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
MOD - [2011/08/15 21:12:04 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
MOD - [2011/08/15 20:23:00 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
MOD - [2011/07/19 17:05:40 | 014,978,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll
MOD - [2011/07/19 17:04:56 | 000,317,952 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/06/01 19:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/24 06:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013/05/04 16:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 16:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 14:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 12:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 12:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/17 22:14:38 | 000,099,664 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/02/13 04:53:50 | 000,770,528 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013/02/08 18:40:34 | 003,386,608 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/02/08 18:40:08 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/02/08 18:39:48 | 000,621,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/02/08 18:39:14 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/01/29 11:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/10 09:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 09:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/21 10:15:50 | 000,055,720 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe -- (IntelliMemory)
SRV:64bit: - [2012/12/10 15:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2012/12/10 15:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/11/06 14:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 19:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 16:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/12 19:07:06 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/07/26 13:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 13:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 13:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 13:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 13:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 13:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 13:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 13:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 13:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 13:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 13:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/03/19 15:11:24 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2013/03/14 14:14:26 | 002,912,304 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe -- (SWUpdateService)
SRV - [2013/01/29 12:08:48 | 000,277,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/01/27 06:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2013/01/15 04:29:52 | 000,366,040 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2013/01/15 04:29:52 | 000,279,000 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/01/15 04:29:50 | 000,165,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/01/15 04:29:50 | 000,131,032 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/11/06 14:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/30 13:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/09/30 13:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/26 13:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012/04/03 23:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/09 01:28:50 | 000,248,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/06/01 21:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 21:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/06/01 21:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/01 13:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/05/04 17:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/05/04 17:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 20:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 20:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 20:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/22 19:07:16 | 003,311,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/02/17 22:14:14 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/17 21:58:40 | 000,020,336 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETDSMBus.sys -- (ETDSMBus)
DRV:64bit: - [2013/02/13 04:54:38 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/02/13 04:54:38 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/02/02 17:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/29 11:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/29 09:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/23 11:22:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/01/16 13:30:34 | 005,358,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/01/10 11:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/21 10:15:58 | 000,104,872 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\intmsd.sys -- (intmsd)
DRV:64bit: - [2012/12/21 10:15:58 | 000,029,096 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\intmfs.sys -- (intmfs)
DRV:64bit: - [2012/11/27 13:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 14:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/19 13:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/11/06 13:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/26 04:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2012/10/12 18:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 17:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 17:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/10/09 19:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/10/09 19:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/10/09 19:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/10/09 19:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012/10/01 15:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/10/01 15:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/09/20 17:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 17:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 17:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/07 02:25:26 | 000,719,504 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/08/06 12:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/07/27 22:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/07/26 15:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 15:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 15:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 15:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 15:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 15:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 15:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 15:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 15:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 15:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 15:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 15:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 15:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 15:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 15:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 15:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 15:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 14:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 14:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/26 14:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 13:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 12:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 12:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 12:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 12:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 12:28:02 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\acpials.sys -- (acpials)
DRV:64bit: - [2012/07/26 12:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 12:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 12:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 12:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 12:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 12:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 12:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 12:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 12:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 12:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 12:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 12:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 12:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 12:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 12:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 12:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 12:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 12:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/13 12:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/07/23 02:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 07:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/07/02 03:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2013/05/10 08:13:02 | 000,015,144 | ---- | M] (Windows ® 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B0EF3AC5-F159-422D-9315-0B656270F517}
IE:64bit: - HKLM\..\SearchScopes\{B0EF3AC5-F159-422D-9315-0B656270F517}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {B0EF3AC5-F159-422D-9315-0B656270F517}
IE - HKLM\..\SearchScopes\{B0EF3AC5-F159-422D-9315-0B656270F517}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {B0EF3AC5-F159-422D-9315-0B656270F517}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2013/08/05 15:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\micha_000\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Google Docs = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Kingdom Rush = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Google Search = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0\
CHR - Extension: TopArcadeHits = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: Google Mail Checker = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Check My Links = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf\3.3.4_0\
CHR - Extension: Gmail = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 15:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68E3AFC4-82E3-40D4-AAF5-6C6C888AF391}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/08 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Documents\Documents
[2013/08/08 18:11:24 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Malwarebytes
[2013/08/08 18:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/08 18:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/08 18:11:06 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/08/08 18:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/08 18:10:38 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Programs
[2013/08/08 17:47:03 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\SUPERAntiSpyware.com
[2013/08/08 17:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/08/08 17:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/08/08 17:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/08/08 17:35:12 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/08/08 17:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/08/07 18:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/08/07 16:13:07 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/08/06 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\CrashDumps
[2013/08/05 16:07:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\vlc
[2013/08/05 16:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/08/05 16:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/08/05 15:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/08/05 15:57:42 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Mozilla
[2013/08/05 15:52:00 | 000,000,000 | ---D | C] -- C:\Users\micha_000\Documents\CyberLink
[2013/08/05 15:52:00 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\CyberLink
[2013/08/05 15:40:09 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013/08/01 17:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipGenius 6
[2013/08/01 17:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZipGenius 6
[2013/08/01 17:46:05 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Apple Computer
[2013/08/01 17:46:05 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apple Computer
[2013/08/01 17:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/01 17:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/08/01 17:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/08/01 17:45:51 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apple
[2013/08/01 17:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/08/01 17:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/08/01 17:45:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/08/01 17:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/08/01 17:45:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/08/01 17:08:22 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt
[2013/08/01 17:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekQt
[2013/08/01 17:02:29 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Nico Mak Computing
[2013/08/01 17:02:27 | 000,019,840 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\windows\SysNative\roboot64.exe
[2013/08/01 16:58:32 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\BitTorrent
[2013/08/01 16:45:29 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/08/01 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\bitcasa
[2013/08/01 16:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/08/01 16:17:47 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\AVG2013
[2013/08/01 16:17:04 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\TuneUp Software
[2013/08/01 16:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/08/01 16:16:58 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/08/01 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/08/01 16:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/08/01 16:06:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\MFAData
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Avg2013
[2013/08/01 15:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/08/01 15:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/08/01 15:50:52 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Google
[2013/08/01 15:50:25 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Deployment
[2013/08/01 15:50:25 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apps
[2013/08/01 15:48:39 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Macromedia
[2013/08/01 15:31:04 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Samsung
[2013/08/01 15:30:37 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Absolute_Software
[2013/08/01 15:30:15 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Adobe
[2013/08/01 15:29:57 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/08/01 15:29:57 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/08/01 15:29:56 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Searches
[2013/08/01 15:29:56 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Contacts
[2013/08/01 15:29:56 | 000,000,000 | -H-D | C] -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/08/01 15:29:56 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Adobe
[2013/08/01 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\VirtualStore
[2013/08/01 15:29:34 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Packages
[2013/08/01 15:29:32 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Intel
[2013/08/01 15:29:01 | 000,000,000 | --SD | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Videos
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Saved Games
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Pictures
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Music
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Links
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Favorites
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Downloads
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Documents
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Desktop
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\Temporary Internet Files
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Templates
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Start Menu
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\SendTo
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Recent
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\PrintHood
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\NetHood
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Videos
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Pictures
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Music
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\My Documents
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Local Settings
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\History
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Cookies
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Application Data
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\Application Data
[2013/08/01 15:29:01 | 000,000,000 | -H-D | C] -- C:\Users\micha_000\AppData
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Temp
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\Roaming
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Microsoft
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/07/20 01:51:00 | 000,311,608 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2013/07/20 01:50:56 | 000,246,072 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2013/07/20 01:50:56 | 000,071,480 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2013/07/20 01:50:50 | 000,206,648 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2013/04/12 12:09:44 | 002,064,264 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/10 16:47:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/09 18:56:00 | 000,000,928 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/09 15:56:00 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/08 20:42:29 | 004,579,878 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/08/08 20:42:29 | 000,803,478 | ---- | M] () -- C:\windows\SysNative\perfh00C.dat
[2013/08/08 20:42:29 | 000,799,202 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2013/08/08 20:42:29 | 000,799,006 | ---- | M] () -- C:\windows\SysNative\perfh013.dat
[2013/08/08 20:42:29 | 000,755,256 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013/08/08 20:42:29 | 000,723,700 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/08/08 20:42:29 | 000,163,620 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2013/08/08 20:42:29 | 000,162,810 | ---- | M] () -- C:\windows\SysNative\perfc013.dat
[2013/08/08 20:42:29 | 000,159,584 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013/08/08 20:42:29 | 000,159,308 | ---- | M] () -- C:\windows\SysNative\perfc00C.dat
[2013/08/08 20:42:29 | 000,136,838 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/08/08 18:59:16 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/08/08 18:59:15 | 2259,492,863 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/08 18:11:08 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/08 17:46:39 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/05 15:56:36 | 000,001,045 | ---- | M] () -- C:\Users\micha_000\Desktop\SoulseekQt - Shortcut.lnk
[2013/08/05 15:44:38 | 003,293,480 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/08/05 15:40:08 | 935,517,302 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/08/01 17:46:57 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[2013/08/01 17:46:04 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/01 17:01:41 | 000,000,841 | ---- | M] () -- C:\Users\micha_000\Desktop\BitTorrent.lnk
[2013/08/01 17:01:41 | 000,000,821 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2013/08/01 16:40:40 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/08/01 16:37:01 | 000,002,291 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/01 16:17:04 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/01 15:52:40 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/01 15:48:33 | 000,001,436 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/01 15:30:34 | 000,000,000 | ---- | M] () -- C:\Users\micha_000\AppData\Roaming\AbsoluteReminder.xml
[2013/08/01 15:30:08 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_900X3C_P07A.mrk
[2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/08 18:11:08 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/08 17:46:39 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/05 16:10:33 | 000,386,642 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/08/05 15:56:36 | 000,001,045 | ---- | C] () -- C:\Users\micha_000\Desktop\SoulseekQt - Shortcut.lnk
[2013/08/05 15:44:35 | 003,293,480 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/08/01 17:46:57 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[2013/08/01 17:46:04 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/01 17:45:51 | 000,002,563 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/08/01 17:01:41 | 000,000,841 | ---- | C] () -- C:\Users\micha_000\Desktop\BitTorrent.lnk
[2013/08/01 17:01:41 | 000,000,821 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2013/08/01 16:40:40 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/08/01 16:17:04 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/01 15:52:40 | 000,002,291 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/01 15:52:40 | 000,002,267 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/01 15:51:04 | 000,000,928 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/01 15:51:04 | 000,000,924 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/01 15:48:33 | 000,001,436 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/01 15:30:34 | 000,001,202 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
[2013/08/01 15:30:34 | 000,000,000 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\AbsoluteReminder.xml
[2013/08/01 15:30:12 | 000,001,249 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
[2013/08/01 15:30:08 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_900X3C_P07A.mrk
[2013/08/01 15:29:56 | 000,001,442 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/08/01 15:29:01 | 000,000,352 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/08/01 15:29:01 | 000,000,334 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/04/12 12:09:44 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/04/12 12:04:51 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2013/04/12 11:07:52 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/02/07 15:27:32 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/02/07 15:27:28 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/02/07 15:27:28 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/02/07 15:27:28 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/02/07 15:27:28 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/01/30 18:06:21 | 000,598,384 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2013/01/30 18:06:21 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2013/01/30 18:06:19 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013/01/30 18:06:18 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2013/01/30 18:06:18 | 000,754,652 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/12/10 15:12:50 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2012/07/26 18:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 18:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 17:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 11:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/26 06:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/26 06:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/03 00:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/08/05 15:59:45 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 16:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 15:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 13:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 13:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 13:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/01 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\AVG2013
[2013/08/07 18:19:17 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\BitTorrent
[2013/08/01 17:04:29 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\Nico Mak Computing
[2013/08/01 16:17:04 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\TuneUp Software

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 10/08/2013 4:49:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\micha_000\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.63 Gb Total Physical Memory | 6.02 Gb Available Physical Memory | 78.90% Memory free
15.38 Gb Paging File | 12.91 Gb Available in Paging File | 83.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.66 Gb Total Space | 61.79 Gb Free Space | 28.65% Space Free | Partition Type: NTFS

Computer Name: GRANTYSBABY | User Name: micha_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D86CA1D-810D-471E-BB51-4AE98E52AB74}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9B8DBEAE-81F7-4412-974E-0442F8B39FC2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01659208-5F24-4365-AF9A-3DA25A8F2383}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1000C7F3-2F20-46A1-8F36-7DAE69E9B6A3}" = protocol=17 | dir=in | app=c:\program files\condusiv technologies\intellimemory\intellimem.exe |
"{11487D4D-09BB-4936-9F22-E57A7F29E398}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1582456B-171F-4D89-89AD-E74303EB8BB3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{1AB8A29B-BB79-404E-992D-869C35A66D24}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{23910356-9279-4F5F-905E-8C5BDEF75134}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{3049406F-7800-47CC-8468-DF96D0838A8D}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3F34EAA0-FEDA-4605-B5AA-3279F31E8309}" = dir=out | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{52252771-1575-41C7-BBD9-3F6BE56877B6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{54063515-796F-429C-8723-FEB1CC14FBE2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D557FFD-8275-4753-825C-ECF9853BEF03}" = protocol=6 | dir=in | app=c:\users\micha_000\appdata\roaming\bittorrent\bittorrent.exe |
"{5EE082F6-DC96-4CAC-8BD0-66CF613E4728}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{6C36F42F-AA5C-4B11-9859-2390921FC845}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7011FAAA-3A06-447C-8D98-5D2A592ACCE1}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{7EF47D86-1FFE-4FDA-91A2-595DADAC9DD9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8418AD3B-0F75-48D6-86D8-CC1AF608741A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{927B2356-4697-4D5E-AB58-BE0AC2C09965}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{9A77C909-DC8D-4E2F-8682-5629E4B182E5}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{B2338F05-3B6C-4D46-90AA-20E068BCDB3D}" = dir=out | name=s camera |
"{C1B97CAA-A3A6-44C9-BEA5-DEF4C06BCDD4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C54B03F6-B47A-411B-8FEB-493D9B28722D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CCFC3E8F-DEB5-4E56-9956-BF53B67206EF}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D154D4AB-37B8-497B-AE97-53AC2C1685ED}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{DA23B796-343C-40AD-85C0-028969F2C05D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E6B6C6D0-7829-438A-ABD2-2CC13F60B695}" = dir=in | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9F22B77-28B1-4A6A-A448-9FE96428ED0B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{EDE528D1-A73C-4CB7-969C-EA94E3C42938}" = protocol=6 | dir=in | app=c:\program files\condusiv technologies\intellimemory\intellimem.exe |
"{EF71935D-321E-4025-BD0C-58B06EFC08AE}" = protocol=17 | dir=in | app=c:\users\micha_000\appdata\roaming\bittorrent\bittorrent.exe |
"{F10E9D01-EA7E-4693-B16E-20F4BBCE2AF8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FA40A11E-71C9-4DB1-94C8-616EADF9B620}" = dir=out | name=windows_ie_ac_001 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{22B32087-797D-4A1B-AFA7-072C87580ADC}" = Help Desk
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{39648D75-C1D7-4590-8A83-0A160AF3FFA3}" = S Agent
"{40320F22-7D70-49DB-9D66-B6FAE5F36B47}" = IntelliMemory
"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013
"{6097158B-0184-4140-BEC3-7885794D2571}" = Intel® WiDi
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7C6CD9B4-B230-4E76-80AA-FB465FF4DE29}" = Intel® PROSet/Wireless WiFi Software Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8EC7C961-2CD2-49DC-8F39-75E9CD20BB19}" = Support Center
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A94C50AA-21E8-4627-ADD0-E16A07030D7D}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{DEF50764-F1A7-4DD4-B8BA-C81A4807631A}" = Intel® PROSet/Wireless WiFi Software
"{E74BF83C-2CA5-48EF-901F-959309E7D9EC}" = AVG 2013
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"AVG" = AVG 2013
"Elantech" = ETDWare X64 11.7.9.5_WHQL
"Unlocker" = Unlocker 1.9.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AA59D7-B92D-4A06-8D06-0596081C0E68}" = Photo Gallery
"{02F04AFA-243D-4E6A-9556-60F8D2539547}" = Support Center FAQ
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{16040885-C382-4BFC-95D0-23F58BF9D943}" = User Guide
"{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2AE414B5-7FE6-49A3-93C8-D864162CDEBC}" = Windows Live UX Platform Language Pack
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{34BEB782-66B1-4772-8E3E-71B758BA848B}" = Side Sync
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66792BEC-2401-4DEC-AD4E-BEBFD9EF7F8D}" = SW Update
"{698ED639-3A26-49EF-B1EF-CD89CB97C778}" = Windows Live Essentials
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7914488D-F56B-464F-B735-F8E972E5E208}" = Photo Common
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87d45b7e-19da-4dd5-9214-5e0d587c312f}" = Intel® PROSet/Wireless Software
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}" = Settings
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EEED220-D348-4F49-8C82-B11F6C5450C7}" = Movie Maker
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90B936B2-33E6-4FE8-9A64-08EEB42AF2B1}" = Podstawowe programy Windows Live
"{96AA21F4-C8CE-4380-995A-992536463263}" = Galeria fotografii
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{CCDB7ADB-1643-4C30-B39D-1562CFE51420}" = Movie Maker
"{D48BCCD6-D2E2-42F4-B8E8-D7BC10C568EC}" = Windows Live UX Platform Language Pack
"{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D77A6FED-256C-4E2F-9873-59C92C854A4E}" = Photo Common
"{DF02C515-40B5-45AC-A601-5DC69D03885C}" = Phone Screen Sharing
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E44F8A34-529E-4318-A0E1-1893C337A47F}" = SRS Premium Sound
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6.3
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"SoulseekQt" = SoulseekQt
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Podstawowe programy Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 5/08/2013 1:40:09 AM | Computer Name = GrantysBaby | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:23:44 PM on ?5/?08/?2013 was unexpected.

Error - 5/08/2013 1:40:10 AM | Computer Name = GrantysBaby | Source = BugCheck | ID = 1001
Description =

Error - 5/08/2013 1:42:27 AM | Computer Name = GrantysBaby | Source = Service Control Manager | ID = 7023
Description = The Security Center service terminated with the following error: %%32

Error - 5/08/2013 1:42:27 AM | Computer Name = GrantysBaby | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%32

Error - 5/08/2013 1:43:26 AM | Computer Name = GrantysBaby | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 5/08/2013 1:44:12 AM | Computer Name = GrantysBaby | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 5/08/2013 1:00:26 PM | Computer Name = GrantysBaby | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024200d: Update for Microsoft Camera Codec Pack for Windows 8 for
x64-based Systems (KB2859541).

Error - 7/08/2013 11:54:06 PM | Computer Name = GrantysBaby | Source = DCOM | ID = 10016
Description =

Error - 8/08/2013 2:35:42 AM | Computer Name = GrantysBaby | Source = DCOM | ID = 10016
Description =

Error - 8/08/2013 4:58:56 AM | Computer Name = GrantysBaby | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

< End of report >

#4
granty85

Posted 10 August 2013 - 01:11 AM

Member

Topic Starter
Member
16 posts

Hi Phel,

I forgot to mention I use two external hard drives with this laptop. Do I need to include them in this process?

#5
Phel

Posted 10 August 2013 - 01:27 AM

Trusted Helper

Malware Removal
1,386 posts

No, now it's not needed, OTL log is enough to help you.

#6
Phel

Posted 10 August 2013 - 11:56 AM

Trusted Helper

Malware Removal
1,386 posts

Sorry for delay.

Step 1. AdwCleaner scan.

Please, download AdwCleaner from here to your Desktop.
Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
Adwcleaner window should appear.
Click on the Delete button.
Click on OK.
Computer will be rebooted automatically, when program will finish it's job.
After fix Notepad window with report should appear. Post the contents of the report in your next message.

Step 2. Uninstall Chrome extension.

Launch your Google Chrome browser.
In the address bar type the following:

chrome:extensions
Extension list will appear.
Find there TopArcadeHits extension.
Click on the recycle bin icon near it (uninstall it).
Restart your browser.

Step 3. OTL fix.

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
[2013/08/05 15:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/08/01 17:02:29 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Nico Mak Computing
[2013/08/01 17:02:27 | 000,019,840 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\windows\SysNative\roboot64.exe

:Commands
[EMPTYTEMP]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

So, please, don't forget to post in your next message:

AdwCleaner log
OTL log

#7
granty85

Posted 10 August 2013 - 07:53 PM

Member

Topic Starter
Member
16 posts

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
C:\Program Files (x86)\MyPC Backup folder moved successfully.
C:\Users\micha_000\AppData\Roaming\Nico Mak Computing folder moved successfully.
C:\Windows\SysNative\roboot64.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: EasySurvey

User: Guest
->Temp folder emptied: 3281 bytes
->Temporary Internet Files folder emptied: 56068 bytes

User: micha_000
->Temp folder emptied: 821847 bytes
->Temporary Internet Files folder emptied: 6578254 bytes
->Google Chrome cache emptied: 345479898 bytes
->Flash cache emptied: 492 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7300096 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1134404 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 194642 bytes
RecycleBin emptied: 37199064 bytes

Total Files Cleaned = 380.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 08112013_114919

Files\Folders moved on Reboot...
C:\Users\micha_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

# AdwCleaner v2.306 - Logfile created 08/11/2013 at 11:43:48
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : micha_000 - GRANTYSBABY
# Boot Mode : Normal
# Running from : C:\Users\micha_000\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1241 octets] - [11/08/2013 11:43:48]

########## EOF - C:\AdwCleaner[S1].txt - [1301 octets] ##########

#8
granty85

Posted 10 August 2013 - 07:55 PM

Member

Topic Starter
Member
16 posts

Also Toparcadehits extension was removed

#9
Phel

Posted 11 August 2013 - 10:49 AM

Trusted Helper

Malware Removal
1,386 posts

How your computer is running now?

Step 1. AdwCleaner scan.

Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
Adwcleaner window should appear.
Click on the Delete button.
Click on OK.
Computer will be rebooted automatically, when program will finish it's job.

After reboot:

Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
AdwCleaner window should appear.
Click on the Search button.
After scan Notepad window with report should appear. Post the contents of the report in your next message.

Step 2. OTL scan.

Open OTL again.
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

AdwCleaner log
OTL log

#10
granty85

Posted 12 August 2013 - 12:38 AM

Member

Topic Starter
Member
16 posts

Hi Phel,

It seems to be running with no pop-ups now, so far so good.

# AdwCleaner v2.306 - Logfile created 08/12/2013 at 16:23:33
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : micha_000 - GRANTYSBABY
# Boot Mode : Normal
# Running from : C:\Users\micha_000\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1368 octets] - [11/08/2013 11:44:06]
AdwCleaner[S2].txt - [705 octets] - [12/08/2013 16:23:33]

########## EOF - C:\AdwCleaner[S2].txt - [764 octets] ##########

# AdwCleaner v2.306 - Logfile created 08/12/2013 at 16:25:52
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : micha_000 - GRANTYSBABY
# Boot Mode : Normal
# Running from : C:\Users\micha_000\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [645 octets] - [12/08/2013 16:25:52]
AdwCleaner[S1].txt - [1368 octets] - [11/08/2013 11:44:06]
AdwCleaner[S2].txt - [832 octets] - [12/08/2013 16:23:46]

########## EOF - C:\AdwCleaner[R1].txt - [823 octets] ##########

OTL logfile created on: 12/08/2013 4:29:10 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\micha_000\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

7.63 Gb Total Physical Memory | 3.60 Gb Available Physical Memory | 47.16% Memory free
15.38 Gb Paging File | 11.16 Gb Available in Paging File | 72.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.66 Gb Total Space | 61.87 Gb Free Space | 28.69% Space Free | Partition Type: NTFS

Computer Name: GRANTYSBABY | User Name: micha_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/10 16:48:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\micha_000\Desktop\OTL.exe
PRC - [2013/07/25 10:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/03/19 15:11:24 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2013/03/19 15:11:16 | 000,085,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2013/03/19 15:10:58 | 002,624,048 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2013/03/15 17:14:16 | 003,303,984 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe
PRC - [2013/03/14 14:14:26 | 002,912,304 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
PRC - [2013/03/07 10:20:50 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/01/27 06:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2013/01/15 04:29:52 | 000,366,040 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2013/01/15 04:29:52 | 000,279,000 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/01/15 04:29:50 | 000,165,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/01/15 04:29:50 | 000,131,032 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/09/30 13:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/09/30 13:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012/04/03 23:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/07/25 10:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 10:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 10:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 10:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 10:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/03/19 15:11:28 | 000,111,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2013/03/19 15:11:14 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2013/03/19 15:11:02 | 000,060,976 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2013/03/19 15:10:48 | 000,103,984 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2013/03/19 15:10:48 | 000,027,184 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2013/03/15 17:14:16 | 000,192,048 | ---- | M] () -- C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/06/01 19:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/24 06:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013/05/04 16:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 16:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 14:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 12:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 12:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/17 22:14:38 | 000,099,664 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/02/13 04:53:50 | 000,770,528 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013/02/08 18:40:34 | 003,386,608 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/02/08 18:40:08 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/02/08 18:39:48 | 000,621,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/02/08 18:39:14 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/01/29 11:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/10 09:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 09:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/21 10:15:50 | 000,055,720 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe -- (IntelliMemory)
SRV:64bit: - [2012/12/10 15:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2012/12/10 15:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/11/06 14:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 19:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 16:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/12 19:07:06 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/07/26 13:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 13:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 13:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 13:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 13:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 13:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 13:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 13:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 13:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 13:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 13:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/03/19 15:11:24 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2013/03/14 14:14:26 | 002,912,304 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe -- (SWUpdateService)
SRV - [2013/01/29 12:08:48 | 000,277,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/01/27 06:12:12 | 000,172,104 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2013/01/15 04:29:52 | 000,366,040 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2013/01/15 04:29:52 | 000,279,000 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/01/15 04:29:50 | 000,165,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/01/15 04:29:50 | 000,131,032 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/11/06 14:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/30 13:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/09/30 13:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/26 13:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/04/24 15:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012/04/03 23:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/09 01:28:50 | 000,248,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/06/01 21:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 21:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/06/01 21:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/01 13:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/05/04 17:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/05/04 17:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 20:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 20:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 20:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/22 19:07:16 | 003,311,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/02/17 22:14:14 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/17 21:58:40 | 000,020,336 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETDSMBus.sys -- (ETDSMBus)
DRV:64bit: - [2013/02/13 04:54:38 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/02/13 04:54:38 | 000,164,832 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/02/02 17:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/29 11:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/29 09:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/23 11:22:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/01/16 13:30:34 | 005,358,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/01/10 11:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/21 10:15:58 | 000,104,872 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\intmsd.sys -- (intmsd)
DRV:64bit: - [2012/12/21 10:15:58 | 000,029,096 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\intmfs.sys -- (intmfs)
DRV:64bit: - [2012/11/27 13:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 14:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/19 13:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/11/06 13:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/26 04:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2012/10/12 18:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 17:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 17:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/10/09 19:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/10/09 19:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/10/09 19:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/10/09 19:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012/10/01 15:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/10/01 15:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/09/20 17:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 17:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 17:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/07 02:25:26 | 000,719,504 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/08/06 12:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/07/27 22:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012/07/26 15:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 15:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 15:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 15:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 15:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 15:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 15:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 15:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 15:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 15:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 15:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 15:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 15:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 15:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 15:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 15:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 15:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 14:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 14:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/26 14:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 13:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 12:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 12:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 12:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 12:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 12:28:02 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\acpials.sys -- (acpials)
DRV:64bit: - [2012/07/26 12:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 12:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 12:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 12:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 12:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 12:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 12:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 12:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 12:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 12:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 12:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 12:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 12:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 12:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 12:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 12:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 12:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 12:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/13 12:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/07/23 02:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 07:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/07/02 03:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2013/05/10 08:13:02 | 000,015,144 | ---- | M] (Windows ® 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{B0EF3AC5-F159-422D-9315-0B656270F517}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{B0EF3AC5-F159-422D-9315-0B656270F517}: "URL" = http://www.bing.com/...E10TR&pc=MASMJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2013/08/05 15:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\micha_000\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Google Docs = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Kingdom Rush = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Google Search = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0\
CHR - Extension: Google Mail Checker = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Check My Links = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf\3.3.4_0\
CHR - Extension: Gmail = C:\Users\micha_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 15:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68E3AFC4-82E3-40D4-AAF5-6C6C888AF391}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/11 11:49:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/10 16:48:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\micha_000\Desktop\OTL.exe
[2013/08/08 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Documents\Documents
[2013/08/08 18:11:24 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Malwarebytes
[2013/08/08 18:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/08 18:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/08 18:11:06 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/08/08 18:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/08 18:10:38 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Programs
[2013/08/08 17:47:03 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\SUPERAntiSpyware.com
[2013/08/08 17:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/08/08 17:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/08/08 17:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/08/08 17:35:12 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/08/08 17:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/08/07 18:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/08/07 16:13:07 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/08/06 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\CrashDumps
[2013/08/05 16:07:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\vlc
[2013/08/05 16:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/08/05 16:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/08/05 15:57:42 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Mozilla
[2013/08/05 15:52:00 | 000,000,000 | ---D | C] -- C:\Users\micha_000\Documents\CyberLink
[2013/08/05 15:52:00 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\CyberLink
[2013/08/05 15:40:09 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013/08/01 17:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipGenius 6
[2013/08/01 17:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZipGenius 6
[2013/08/01 17:46:05 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Apple Computer
[2013/08/01 17:46:05 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apple Computer
[2013/08/01 17:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/01 17:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/08/01 17:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/08/01 17:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/08/01 17:45:51 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apple
[2013/08/01 17:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/08/01 17:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/08/01 17:45:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/08/01 17:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/08/01 17:45:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/08/01 17:08:22 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt
[2013/08/01 17:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekQt
[2013/08/01 16:58:32 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\BitTorrent
[2013/08/01 16:45:29 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/08/01 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\bitcasa
[2013/08/01 16:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/08/01 16:17:47 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\AVG2013
[2013/08/01 16:17:04 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\TuneUp Software
[2013/08/01 16:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/08/01 16:16:58 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/08/01 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/08/01 16:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/08/01 16:06:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\MFAData
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/08/01 16:06:58 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Avg2013
[2013/08/01 15:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/08/01 15:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/08/01 15:50:52 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Google
[2013/08/01 15:50:25 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Deployment
[2013/08/01 15:50:25 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Apps
[2013/08/01 15:48:39 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Macromedia
[2013/08/01 15:31:04 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Samsung
[2013/08/01 15:30:37 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Absolute_Software
[2013/08/01 15:30:15 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Adobe
[2013/08/01 15:29:57 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/08/01 15:29:57 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/08/01 15:29:56 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Searches
[2013/08/01 15:29:56 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Contacts
[2013/08/01 15:29:56 | 000,000,000 | -H-D | C] -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/08/01 15:29:56 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Adobe
[2013/08/01 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\VirtualStore
[2013/08/01 15:29:34 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Packages
[2013/08/01 15:29:32 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Intel
[2013/08/01 15:29:01 | 000,000,000 | --SD | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Videos
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Saved Games
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Pictures
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Music
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Links
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Favorites
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Downloads
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Documents
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\Desktop
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/08/01 15:29:01 | 000,000,000 | R--D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\Temporary Internet Files
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Templates
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Start Menu
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\SendTo
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Recent
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\PrintHood
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\NetHood
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Videos
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Pictures
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Documents\My Music
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\My Documents
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Local Settings
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\History
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Cookies
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\Application Data
[2013/08/01 15:29:01 | 000,000,000 | -HSD | C] -- C:\Users\micha_000\AppData\Local\Application Data
[2013/08/01 15:29:01 | 000,000,000 | -H-D | C] -- C:\Users\micha_000\AppData
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Temp
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\Roaming
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Local\Microsoft
[2013/08/01 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/07/20 01:51:00 | 000,311,608 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2013/07/20 01:50:56 | 000,246,072 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2013/07/20 01:50:56 | 000,071,480 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2013/07/20 01:50:50 | 000,206,648 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2013/04/12 12:09:44 | 002,064,264 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe

========== Files - Modified Within 30 Days ==========

[2013/08/12 16:28:28 | 004,579,878 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/08/12 16:28:28 | 000,803,478 | ---- | M] () -- C:\windows\SysNative\perfh00C.dat
[2013/08/12 16:28:28 | 000,799,202 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2013/08/12 16:28:28 | 000,799,006 | ---- | M] () -- C:\windows\SysNative\perfh013.dat
[2013/08/12 16:28:28 | 000,755,256 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013/08/12 16:28:28 | 000,723,700 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/08/12 16:28:28 | 000,163,620 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2013/08/12 16:28:28 | 000,162,810 | ---- | M] () -- C:\windows\SysNative\perfc013.dat
[2013/08/12 16:28:28 | 000,159,584 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013/08/12 16:28:28 | 000,159,308 | ---- | M] () -- C:\windows\SysNative\perfc00C.dat
[2013/08/12 16:28:28 | 000,136,838 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/08/12 16:26:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/12 16:24:31 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/12 16:24:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/08/12 16:24:18 | 2259,492,863 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/11 11:56:00 | 000,000,928 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/11 11:43:32 | 000,666,633 | ---- | M] () -- C:\Users\micha_000\Desktop\adwcleaner.exe
[2013/08/10 16:48:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\micha_000\Desktop\OTL.exe
[2013/08/08 18:11:08 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/08 17:46:39 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/05 15:56:36 | 000,001,045 | ---- | M] () -- C:\Users\micha_000\Desktop\SoulseekQt - Shortcut.lnk
[2013/08/05 15:44:38 | 003,293,480 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/08/05 15:40:08 | 935,517,302 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/08/01 17:46:57 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[2013/08/01 17:46:04 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/01 17:01:41 | 000,000,841 | ---- | M] () -- C:\Users\micha_000\Desktop\BitTorrent.lnk
[2013/08/01 17:01:41 | 000,000,821 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2013/08/01 16:40:40 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/08/01 16:37:01 | 000,002,291 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/01 16:17:04 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/01 15:52:40 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/01 15:48:33 | 000,001,436 | ---- | M] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/01 15:30:34 | 000,000,000 | ---- | M] () -- C:\Users\micha_000\AppData\Roaming\AbsoluteReminder.xml
[2013/08/01 15:30:08 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_900X3C_P07A.mrk
[2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgloga.sys
[2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsdrivera.sys
[2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgidsha.sys
[2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys

========== Files Created - No Company Name ==========

[2013/08/11 11:43:27 | 000,666,633 | ---- | C] () -- C:\Users\micha_000\Desktop\adwcleaner.exe
[2013/08/08 18:11:08 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/08 17:46:39 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/05 16:10:33 | 000,386,642 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/08/05 15:56:36 | 000,001,045 | ---- | C] () -- C:\Users\micha_000\Desktop\SoulseekQt - Shortcut.lnk
[2013/08/05 15:44:35 | 003,293,480 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/08/01 17:46:57 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\ZipGenius 6.lnk
[2013/08/01 17:46:04 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/01 17:45:51 | 000,002,563 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/08/01 17:01:41 | 000,000,841 | ---- | C] () -- C:\Users\micha_000\Desktop\BitTorrent.lnk
[2013/08/01 17:01:41 | 000,000,821 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2013/08/01 16:40:40 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/08/01 16:17:04 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/01 15:52:40 | 000,002,291 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/01 15:52:40 | 000,002,267 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/01 15:51:04 | 000,000,928 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/01 15:51:04 | 000,000,924 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/01 15:48:33 | 000,001,436 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/01 15:30:34 | 000,001,202 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
[2013/08/01 15:30:34 | 000,000,000 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\AbsoluteReminder.xml
[2013/08/01 15:30:12 | 000,001,249 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
[2013/08/01 15:30:08 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_900X3C_P07A.mrk
[2013/08/01 15:29:56 | 000,001,442 | ---- | C] () -- C:\Users\micha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/08/01 15:29:01 | 000,000,352 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/08/01 15:29:01 | 000,000,334 | ---- | C] () -- C:\Users\micha_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/04/12 12:09:44 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/04/12 12:04:51 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2013/04/12 11:07:52 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/02/07 15:27:32 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/02/07 15:27:28 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/02/07 15:27:28 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/02/07 15:27:28 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/02/07 15:27:28 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/01/30 18:06:21 | 000,598,384 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2013/01/30 18:06:21 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2013/01/30 18:06:19 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013/01/30 18:06:18 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2013/01/30 18:06:18 | 000,754,652 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/12/10 15:12:50 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2012/07/26 18:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 18:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 17:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 11:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/26 06:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/26 06:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/03 00:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/08/05 15:59:45 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 16:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 15:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 13:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 13:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 13:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/01 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\AVG2013
[2013/08/07 18:19:17 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\BitTorrent
[2013/08/01 16:17:04 | 000,000,000 | ---D | M] -- C:\Users\micha_000\AppData\Roaming\TuneUp Software

========== Purity Check ==========

< End of report >

#11
Phel

Posted 12 August 2013 - 04:23 AM

Trusted Helper

Malware Removal
1,386 posts

Step 1. MBAM scan.

Posted Image

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2. ESET Online Scanner scan.

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Click the green ESET Online Scanner box
Tick the box next to YES, I accept the Terms of Use
then click on: Start
You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
Make sure that the option Scan archives is checked.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Click on Start
The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically. The scan may take several hours.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close, make sure you copy the logfile first!
Then click on: Finish
Use notepad to open the logfile located at C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.

So, please, don't forget to post in your next message:

ESET Online Scanner's log
MBAM log

#12
granty85

Posted 13 August 2013 - 06:25 AM

Member

Topic Starter
Member
16 posts

Hi Phel,

I can't seem to get the online scan to work. I usually use google chrome but used Internet Explorer as recommended as I don't have FF installed. When I click start the pop-up window just 'breaks' and nothing happens. My computer runs Windows 8, not sure if that has anything to do with it.

Here is the log from Malwarebytes

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.08.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
micha_000 :: GRANTYSBABY [administrator]

13/08/2013 5:38:44 PM
mbam-log-2013-08-13 (17-38-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241872
Time elapsed: 2 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

What should I do next?

PS: Computer still seems to be running without the random pop-ups which is great, thank you.

#13
Phel

Posted 13 August 2013 - 01:34 PM

Trusted Helper

Malware Removal
1,386 posts

What should I do next?

Try to launch ESET Online Scanner from Chrome. I want to make sure that your computer is absolutely clean.

#14
granty85

Posted 15 August 2013 - 12:34 AM

Member

Topic Starter
Member
16 posts

Hi Phel,

I ran ESET using Chrome and it worked fine. I can't find the log file though and didnt see an option for copying it. However the conclusion of the scan was no threats found. Did you still need the log file? Should I run it again?

Cheers