Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Download speed suddenly collapsed, upload unaffected [Closed]


  • This topic is locked This topic is locked

#1
RupturedHope

RupturedHope

    Member

  • Member
  • PipPip
  • 52 posts
Hi there,

I have a strange issue with my download speed that started out of the blue today just before I started playing LoL. At first I assumed the servers were busy, but once I alttabbed and looked at speedtest.nl, it turned out I had suddenly dropped to .7Mbit down, while up was unaffected. I grabbed my laptop, and it had no issues. I ran MBAM SB and HMP, to no avail. They did mention Conduit.A and one other PUP, but after the first removal they did not return. No other issues popped up, so I'm completely at a loss.

OTL log :
OTL logfile created on: 22/09/13 23:21:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dark\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy

7.90 Gb Total Physical Memory | 6.24 Gb Available Physical Memory | 79.00% Memory free
15.79 Gb Paging File | 13.65 Gb Available in Paging File | 86.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 21.40 Gb Free Space | 17.96% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 779.85 Gb Free Space | 41.86% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 99.33 Gb Free Space | 5.33% Space Free | Partition Type: NTFS

Computer Name: CALLIOPE | User Name: Dark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/22 23:19:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
PRC - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2013/05/28 11:42:23 | 000,032,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2012/01/26 19:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013/09/17 05:21:26 | 013,611,984 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
MOD - [2013/09/17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013/09/17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013/09/17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013/09/17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/09/22 21:07:10 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2013/05/23 22:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/12/19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/02/09 17:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/09/11 01:48:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/08/22 13:11:11 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/09 06:41:31 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/12 08:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/16 17:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/22 22:52:23 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/05/29 17:16:45 | 000,137,448 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2013/05/29 05:55:24 | 000,246,504 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM)
DRV:64bit: - [2013/05/29 05:55:24 | 000,106,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC)
DRV:64bit: - [2013/05/29 05:55:23 | 000,118,504 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV)
DRV:64bit: - [2013/05/29 05:55:23 | 000,114,920 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV:64bit: - [2013/05/29 05:55:22 | 000,305,896 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT)
DRV:64bit: - [2013/05/29 05:55:22 | 000,119,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3)
DRV:64bit: - [2013/05/29 05:55:22 | 000,069,864 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV:64bit: - [2013/05/29 05:55:21 | 000,114,920 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS)
DRV:64bit: - [2013/05/29 05:55:21 | 000,109,288 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV:64bit: - [2013/05/29 05:55:21 | 000,095,464 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC)
DRV:64bit: - [2013/05/29 05:55:20 | 000,122,088 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP)
DRV:64bit: - [2013/05/29 05:55:20 | 000,091,368 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC)
DRV:64bit: - [2013/05/28 11:25:41 | 000,105,704 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSINReg.sys -- (PSINReg)
DRV:64bit: - [2013/05/28 11:25:40 | 000,205,544 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2013/05/28 11:25:40 | 000,124,648 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2013/05/28 11:25:05 | 000,122,088 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2013/05/28 11:25:04 | 000,168,680 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2013/04/29 09:17:30 | 000,058,808 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/02/09 17:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/02/09 17:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012/02/09 17:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2012/01/26 19:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/26 19:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/26 19:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/05 13:36:54 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/05 21:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/08 10:41:16 | 001,600,064 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ae1000w7.sys -- (AE1000)
DRV:64bit: - [2011/05/10 17:28:48 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011/05/09 21:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/04/11 21:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011/04/11 21:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2011/03/29 18:15:00 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AE1200w764.sys -- (Linksys_adapter_H)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/02/11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2011/02/11 03:36:14 | 000,848,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2011/01/15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/11/24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 20:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/05/29 22:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark\AppData\Roaming\Mozilla\Extensions
[2013/07/09 06:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/09 06:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/09 06:41:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google NCR (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com/ncr
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Disabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dark\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: RockMelt Update (Disabled) = C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - Extension: Tab Expose = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ackpfhlmgjdjlohhjmbacaajbmkkklnp\2.0.5_0\
CHR - Extension: Search by Image for Google\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdigejhabbnmfbbebmchkkjhcdjmeli\1.4_0\
CHR - Extension: Hacker News - Show Full Domain = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\amenlkcfjlmchdpogjmdolblcjlcmdbp\1.0_0\
CHR - Extension: Google Drive = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Mahadev Chrome Themes = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\baliefelillknjpaabnidahiijnnmccp\2_0\
CHR - Extension: Session Manager = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Sexy Undo Close Tab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.2.12_0\
CHR - Extension: Apps list from context menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeheffmcecddlippefcefgnbhmfadab\0.2_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_1\
CHR - Extension: Scroll To Top Button = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\chiikmhgllekggjhdfjhajkfdkcngplp\6.2.4_0\
CHR - Extension: FeedSquares - Supercharge your Google Reader = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkahgkblobiogkkeedfnjkldecloidi\1.4.0_0\
CHR - Extension: Read Later Fast = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0\
CHR - Extension: Gmelius - Ad Blocker and Better UI for Gmail\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl\5.7.4_0\
CHR - Extension: Activate Ext = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibkkempcomnamcffldikmhkigmpjjno\0.1.0_0\
CHR - Extension: Mega Button = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjoabpkbidaaiikahbmfebfabbchoca\1.0.6_0\
CHR - Extension: Customize Menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\embakochaelgijbeolbbgnljfgpbeeoe\0.5.1.0_0\
CHR - Extension: Black = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoonlphbpioekooiogpokkgbmjciceik\1.1_0\
CHR - Extension: IP Geolocator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadodjoencnnlijogpfpkmonlffhfdjp\1.3_0\
CHR - Extension: IP Geolocator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadodjoencnnlijogpfpkmonlffhfdjp\1.3_0\~
CHR - Extension: Move left menu in Google Mail\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaboanbffefiogfnldddffmhpfpagcd\1.4.5_0\
CHR - Extension: Bookmarks Menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi\3.4.15_0\
CHR - Extension: Clutter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopmmgbckkdhedhndlebkfnocagpgmnc\1.0.17_0\
CHR - Extension: Daemon = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdidbmjnkdnlfbmfdomopeiimkfblolf\0.1.1_0\
CHR - Extension: Full Screen Flash = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl\1.4_0\
CHR - Extension: AdBlock = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: AdBlock = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0\
CHR - Extension: Mibbit webchat = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi\1.12_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.2_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.4_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.5_0\
CHR - Extension: Extensions Home Page = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcbjgpfakllmhcnfmpmkhopfjmeidkan\1.2_0\
CHR - Extension: AppJump App Launcher and Organizer = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccbinpobnjcpckmcfngmdpnbnjpmcbd\0.9.3_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19212_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19378_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19454_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19589_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9.2_0\
CHR - Extension: ShortCuts = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblhmendleblcobcmphbhljgkfgnjoch\0.2_0\
CHR - Extension: IMG Rotate = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoonajankpbolkgbipphpmbhefkengn\1.0.4_0\
CHR - Extension: Zoho Chat = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhciionmiegecfdffhjlcfanhikpppf\1.1_0\
CHR - Extension: Lock Tab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikalcnjojfkpleicbncjmnieimjlfe\0.8.2_0\
CHR - Extension: TackyNotes = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kepjmeignbgkeglpbdmcendkoapjkekn\2.1_0\
CHR - Extension: Minecraft Wiki Searcher = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffllhckohamkhicfkcncgjekbbfmbji\0.3_0\
CHR - Extension: Methyl = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfkloiffecmklfldmohmlhaiicmpcch\2.0_0\
CHR - Extension: TweetDeck Launcher = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk\2.0.1_0\
CHR - Extension: Instant Sounds = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgiigejdempgibflnpfbimpgjhpofpj\1_0\
CHR - Extension: NewFreeScreensavers = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdpfccfomdhboadcfaoffdebaajdkfh\2_0\
CHR - Extension: Wet Banana = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljecomdaijmibecakcpjadigpfkollbh\0.4.1_0\
CHR - Extension: Extensions Manager (aka Switcher) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc\0.2.1.2_0\
CHR - Extension: Download Master = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0\
CHR - Extension: Badger = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffjibgogcfdddbofdobaognannnfgmf\1.0.1_0\
CHR - Extension: Youtube Ad Free! = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknomlkddfakhoakpmkeleifdphdfamo\2.2.4_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: White Noise = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojghcdfgefcmgfidkgcamadlmaghfcm\1.6_0\
CHR - Extension: Download = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: Diet Diary = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\neckeibmjhibmgoigmffjlihekefmffd\1.1_0\
CHR - Extension: WikiPreview = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlimegchokjpodijcknpbnhphchemmjm\0.3_0\
CHR - Extension: MuteTab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\
CHR - Extension: MuteTab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.5_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: TabCloud = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.17_0\
CHR - Extension: Iconized Bookmarks Popup = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgonnihpamikjkfckpolamefpniicak\1.8.3_0\
CHR - Extension: Original Minimalist Email = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npppajnlimcafecjepdjcijnoamopngp\1.6_0\
CHR - Extension: Skip video ads on Youtube = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanobjfgoogmilhpmlciifoaflmojigf\0.1.1_0\
CHR - Extension: Type Fu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Apps Pop-up = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfnnibdimjiijaejcjeiannembnfca\1.4_0\
CHR - Extension: Send from Gmail (by Google) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.16_0\
CHR - Extension: Space Planet = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.1_0\
CHR - Extension: Clearlook Scrollbar Theme = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfdcmehpgiojcjgpclmfnbnpdmcmbgo\0.2.0_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Utilities\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [RockMelt Update] C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe (RockMelt Inc.)
O4 - HKCU..\Run: [SoniqueQuickStart] D:\Utilities\Sonique\sqstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{240FD767-8FD3-431A-99B0-1A0B4DF9265C}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24C41BCA-3295-408C-9740-A34101EA25EA}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{761A5FCD-1B86-4892-B151-A80A44DF3373}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F95FE0D-B3D5-417F-8E9F-DF3AB98D3265}: NameServer = 93.182.182.93 93.182.132.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ADB447E-906F-4B2C-9A70-FB7FE8A3C57B}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B42D4D8C-B48D-4252-92C2-9DE65625CBC4}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E48CBC3A-5D06-4BA3-8919-2BFAE68293E5}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/22 23:19:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
[2013/09/22 22:52:24 | 000,058,808 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2013/09/22 22:45:41 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2013/09/22 22:45:41 | 000,000,000 | ---D | C] -- C:\Windows\Favorites
[2013/09/22 21:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/09/22 21:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/09/22 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\Monitor_Acer_1.0_Win7VistaXPx86x64_G225HQV
[2013/09/22 18:10:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/09/22 18:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/22 09:25:19 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\X - Rebirth Soundtrack
[2013/09/22 09:25:09 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\X3 - Albion Prelude Soundtrack
[2013/09/20 18:41:56 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/09/09 16:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2013/09/09 16:40:27 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Local\Overwolf
[2013/09/05 00:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/09/05 00:42:07 | 000,000,000 | ---D | C] -- C:\Users\Dark\Documents\Freemake
[2013/09/05 00:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2013/09/05 00:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2013/08/29 12:37:52 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\LolClient
[2013/08/29 11:11:06 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013/08/29 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Local\PMB Files
[2013/08/29 11:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/08/29 11:09:45 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\Riot Games
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/22 23:19:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
[2013/09/22 23:17:29 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
[2013/09/22 22:59:29 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/22 22:59:29 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/22 22:59:17 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/22 22:59:17 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/22 22:59:17 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/22 22:52:23 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013/09/22 22:52:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/22 22:52:15 | 2064,416,767 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/22 22:45:41 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013/09/22 21:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/22 21:38:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
[2013/09/22 21:07:10 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/09/22 18:10:16 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/22 17:17:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
[2013/09/22 03:38:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
[2013/09/20 05:42:12 | 000,460,951 | ---- | M] () -- C:\Users\Dark\Untitled.jpg
[2013/08/28 02:19:24 | 004,681,789 | ---- | M] () -- C:\Users\Dark\Desktop\04.wmv
[2013/08/28 02:19:17 | 004,441,783 | ---- | M] () -- C:\Users\Dark\Desktop\03.wmv
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/22 22:45:41 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013/09/22 21:07:10 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/09/22 18:10:16 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/20 05:42:12 | 000,460,951 | ---- | C] () -- C:\Users\Dark\Untitled.jpg
[2013/08/28 02:19:20 | 004,681,789 | ---- | C] () -- C:\Users\Dark\Desktop\04.wmv
[2013/08/28 02:19:14 | 004,441,783 | ---- | C] () -- C:\Users\Dark\Desktop\03.wmv
[2013/08/22 13:11:13 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/22 13:11:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/06/29 17:52:00 | 000,002,740 | ---- | C] () -- C:\Windows\cdplayer.ini
[2013/06/29 17:50:17 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2013/06/29 15:01:09 | 000,028,820 | ---- | C] () -- C:\Windows\SysWow64\sintfnt.dll
[2013/06/29 15:01:09 | 000,017,836 | ---- | C] () -- C:\Windows\SysWow64\sintf32.dll
[2013/06/29 15:01:09 | 000,012,066 | ---- | C] () -- C:\Windows\SysWow64\sintf16.dll
[2013/06/24 11:24:24 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/06/24 11:24:24 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013/06/23 18:33:10 | 001,322,753 | ---- | C] () -- C:\Users\Dark\Nokia_Lumia_920_UG_en_GB.pdf
[2013/04/30 15:18:29 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013/04/03 04:39:02 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/02/27 11:16:40 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/12/22 04:25:05 | 000,000,218 | ---- | C] () -- C:\Users\Dark\.recently-used.xbel
[2012/12/04 16:49:26 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/12/02 21:18:33 | 000,000,193 | ---- | C] () -- C:\Windows\wordpad.INI
[2012/11/27 17:10:20 | 000,000,845 | ---- | C] () -- C:\Users\Dark\AppData\Local\recently-used.xbel
[2012/10/17 07:04:51 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/08 18:12:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2012/09/05 15:31:36 | 000,000,258 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/08/05 09:21:16 | 000,660,069 | ---- | C] () -- C:\Users\Dark\bookmarks_8_5_12.html
[2012/07/24 21:44:56 | 001,717,563 | ---- | C] () -- C:\Users\Dark\Moeder's LG Magnetron .pdf
[2012/05/31 21:49:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/31 21:48:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/05/31 21:48:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/31 21:48:07 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/05/31 08:44:21 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/05/31 08:44:21 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/05/31 08:44:21 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/05/31 08:44:21 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/31 08:43:56 | 000,007,597 | ---- | C] () -- C:\Users\Dark\AppData\Local\resmon.resmoncfg
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/09/19 17:59:35 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\.minecraft
[2013/02/08 07:50:38 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\.purple
[2013/05/04 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Bioshock
[2012/11/21 20:55:41 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Carbon
[2013/07/18 08:48:15 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\EoN
[2012/12/21 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\gtk-2.0
[2013/07/25 16:35:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\HeidiSQL
[2012/06/12 01:49:07 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Leadertech
[2013/08/29 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\LolClient
[2012/07/07 22:41:49 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\My Games
[2013/07/25 16:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\MySQL
[2012/07/15 13:03:59 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\OpenOffice.org
[2013/07/15 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Opera
[2013/07/15 14:40:28 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Opera Software
[2013/08/19 01:44:17 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Origin
[2012/08/06 18:18:42 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Panda Security
[2012/09/17 06:06:44 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Radio538DesktopPlayer.by.StingR.com
[2012/09/17 15:55:21 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\RIFT
[2013/08/29 11:10:51 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Riot Games
[2012/12/30 16:11:56 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\RobotSoft
[2012/12/10 21:06:14 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Spotify
[2012/10/23 20:34:46 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\TeamViewer
[2012/09/12 10:12:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\ts3overlay
[2012/12/21 16:27:48 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\ts3overlay_hook_win64
[2013/09/22 19:09:13 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\uTorrent
[2012/12/07 02:07:33 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >




Extras log :
OTL Extras logfile created on: 22/09/13 23:21:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dark\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy

7.90 Gb Total Physical Memory | 6.24 Gb Available Physical Memory | 79.00% Memory free
15.79 Gb Paging File | 13.65 Gb Available in Paging File | 86.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 21.40 Gb Free Space | 17.96% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 779.85 Gb Free Space | 41.86% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 99.33 Gb Free Space | 5.33% Space Free | Partition Type: NTFS

Computer Name: CALLIOPE | User Name: Dark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to playlist] -- "D:\Utilities\Sonique\Sonique.exe" -appendonly "%1" (Terra Lycos)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to playlist] -- "D:\Utilities\Sonique\Sonique.exe" -appendonly "%1" (Terra Lycos)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01183C1E-B99C-4691-B1D1-5AA2FAB2A58B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{024060AB-5ABD-48AC-ABC1-6FA01F7B95B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{19966A70-6FC4-4069-9611-3F1CB87941B2}" = lport=137 | protocol=17 | dir=in | app=system |
"{2442FEFE-79BD-48DE-8F03-9008A012FB16}" = rport=137 | protocol=17 | dir=out | app=system |
"{459E4AF1-C0C1-4E05-A6B1-E7E542977C22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51237501-3C2F-42D8-A128-B64B08CFA314}" = rport=138 | protocol=17 | dir=out | app=system |
"{8723219A-7419-4206-88E7-29811B1E036E}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{983FA5BA-E9D7-467F-8CF9-022C05BA03BE}" = lport=138 | protocol=17 | dir=in | app=system |
"{B2DB8AC3-8CE6-4A3D-BCFD-2C2EEE71D0B8}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{BC61CB7E-AACF-421A-9C37-84FDFF720EDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D01DB71B-38B7-47EC-893F-7AA877FBFBC7}" = lport=139 | protocol=6 | dir=in | app=system |
"{E902358C-93A1-48C6-BF33-12DF9107740A}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{EAF0AEDB-78F4-4037-8A2F-0D316C918580}" = rport=445 | protocol=6 | dir=out | app=system |
"{F482D8A4-8518-4999-979D-E39DB1396E4B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD204FA9-B3E8-4489-990A-9D70AE9CF076}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E70A7F-EA24-48B2-9B57-4D61383D4C01}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{07491576-AE55-4C15-AA1D-BAA30BAE4B4B}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{079E48F9-4287-407B-A882-F803F9554EBA}" = protocol=6 | dir=in | app=d:\utilities\avg\avgmfapx.exe |
"{0E00026E-B9B4-49DA-A18C-0F0DD6A0C458}" = protocol=6 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{1417D425-8312-4896-A529-DF7E1E1E0DD3}" = protocol=6 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{18BDF5E5-BEE8-4876-8ACB-96006D7D34AC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{291687DF-5A5C-4176-A7FF-B99F03A67883}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2A338AEC-DB8B-47AB-BF1E-2B7590B39A5F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{2DA853AD-CAE8-41C0-B634-EBC4702B3885}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{31D12788-B91A-4627-9554-2631F9867385}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{32524892-1ACA-4994-8618-39637B3BF183}" = protocol=6 | dir=in | app=d:\games\civilization 4\civilization4.exe |
"{35078334-D927-40DC-8241-E96656F6FF0D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3E2CE41F-3897-4456-9F98-0CDD6BC9C7F4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{432D174A-3A62-43CD-8E85-6AC6A751FC74}" = protocol=1 | dir=out | [email protected],-28544 |
"{48C7A438-84BF-401B-9F81-C92991994D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{493A1C68-3A1E-4517-BF1B-407697E01E74}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\terraria\terraria.exe |
"{4BFC3876-2415-4FE0-96CA-E681ECECE8AB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4DEDCB7B-0DC2-40E5-B9AB-80D056B08955}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{505CA3D4-87D6-4678-83A3-1CB3B9EC7AFB}" = protocol=58 | dir=in | [email protected],-28545 |
"{602A3FC8-B336-4B6C-A945-D1E69EB96221}" = protocol=17 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{61F1BBA3-A75B-4773-8582-DF3BB197977F}" = protocol=58 | dir=out | [email protected],-28546 |
"{628D04FA-6F3F-40DF-8C34-2CDB19F5756A}" = protocol=58 | dir=in | app=system |
"{6385988B-E9CE-4184-B95A-11A82C188F70}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{6527DD49-EB22-4399-B839-71439F927389}" = protocol=1 | dir=in | [email protected],-28543 |
"{65D5CED6-88E3-4C34-B25A-2503582A7DB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{6FAA5EFC-3955-4097-AEB8-9EDF9E54F1B9}" = protocol=17 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{7073F015-E761-42D3-A13C-3AC7649F528D}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\silent hunter 3\sh3.exe |
"{72D5CEA5-01D0-4BDD-B244-C40EEDA303FF}" = protocol=6 | dir=in | app=d:\utilities\ventrilo\ventrilo.exe |
"{73D7CC6B-3217-43A9-B8AF-484ED070E589}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{788F7196-9E0B-4B2E-A746-C4E5DA3F953E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{7C71C224-BA99-4C7B-BFCF-76313F17CAE7}" = protocol=17 | dir=in | app=d:\utilities\ventrilo\ventrilo.exe |
"{7FE9F1E9-1573-44DB-BE25-98394914F590}" = protocol=6 | dir=in | app=d:\games\steam\steam.exe |
"{8E45D42B-B189-4322-8961-AF83C516D1AE}" = protocol=17 | dir=in | app=d:\games\steam\steam.exe |
"{911C0537-443C-4E98-A8D2-C930E73DD7F1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{91575EE0-55ED-4ACB-8FF9-F3055977AD3B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{94C02AA2-191B-490E-A310-41A6EFFC97BB}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{98285855-2D75-45CE-A5FD-32D5909BF7ED}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{9FE199F6-F9EB-427B-9B21-DFC15C0E720C}" = protocol=17 | dir=in | app=e:\games\battlefield 3\bf3.exe |
"{A8B1129D-D760-414C-B9E4-DA0289514455}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AB719D4F-F4D4-4019-A4B7-925BF3A2C63F}" = protocol=6 | dir=in | app=c:\users\dark\appdata\roaming\utorrent\utorrent.exe |
"{B0139305-B273-45BA-B1F1-BFC56F81912B}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\terraria\terraria.exe |
"{B1C49B03-7C53-4007-84A5-1C73B4849E60}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{B31A9F0C-DD81-49F8-BE01-902D200D03CD}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{B4924430-156E-4294-AAB9-C6B34D3CD287}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B589EBB4-9500-49FB-B352-66D2C0A744A6}" = protocol=6 | dir=in | app=c:\program files (x86)\end of nations alpha\rtsclientg.exe |
"{BC5998D0-3BF9-4069-9234-C6E87F21D35A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C0482181-84D6-4AE8-A088-5EF8FADB2743}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C5E9DE51-7E36-45BB-9879-E6594B3D7D15}" = protocol=17 | dir=in | app=c:\users\dark\appdata\roaming\utorrent\utorrent.exe |
"{C9183B56-A80E-4DA6-87BA-B9A4B6FFAD02}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{CB3BACC4-C9A5-4602-B3C6-5904C95B5B92}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\airmech\airmech.exe |
"{D5DEEF23-8D02-43A8-9F92-D7FB69F9F2B2}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{D6329C19-7BEE-411C-BD58-3DEA8AC67499}" = protocol=17 | dir=in | app=d:\utilities\avg\avgmfapx.exe |
"{DACF1B7B-5A53-4BAC-ADF0-48C8616387BD}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\airmech\airmech.exe |
"{E232C2A7-4B95-4AF3-A040-59172945F51A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E35892D2-CB80-43B6-B5F1-BA241FA27A0D}" = protocol=6 | dir=in | app=e:\games\battlefield 3\bf3.exe |
"{EADEFF52-6BA3-4792-AF55-2B7C3254D549}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\silent hunter 3\sh3.exe |
"{F014DC38-B0D7-47DC-9F66-E99DEB50C35F}" = protocol=17 | dir=in | app=c:\program files (x86)\end of nations alpha\rtsclientg.exe |
"{F2407BB2-45E1-4D8D-A4EA-0EDEDA251CEA}" = protocol=58 | dir=out | [email protected],-503 |
"{F54B495B-9925-414C-928B-671141CF8A38}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{F73DB617-520D-462A-8CE6-9C42AF4FFD70}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F7B1E8EC-AD8F-4FDA-9A05-F14E6319D00B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F81222C6-6636-43B6-B674-5731B895D5C5}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{F927034E-82DE-4880-A051-45FCB3AEB1CE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FFE4B9BC-4961-4922-AFBC-CFBA2D1A49CD}" = protocol=17 | dir=in | app=d:\games\civilization 4\civilization4.exe |
"TCP Query User{5CC251FD-DC36-4D4B-AA94-6327743BF5D2}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7EC1C162-E3AE-42B7-AB67-151322920EDD}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{91DFBA14-6035-4EDF-BDB5-97195D0BF2A5}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{BCD5E123-B4E9-4E72-8DE6-633479471201}D:\utility\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=d:\utility\xampp\mysql\bin\mysqld.exe |
"TCP Query User{C8DCF5FB-6066-497D-BAFA-11DC5BED1F83}D:\games\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=d:\games\star trek online\star trek online\live\gameclient.exe |
"TCP Query User{CD52FE97-A186-4519-9467-0983E0C8BA6B}E:\games\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=e:\games\diablo iii\diablo iii.exe |
"UDP Query User{003FAE54-6217-4ADB-A72A-ABA2737BB942}D:\utility\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=d:\utility\xampp\mysql\bin\mysqld.exe |
"UDP Query User{033B53DA-8D1D-4B45-B5AF-76C821FBCC23}E:\games\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=e:\games\diablo iii\diablo iii.exe |
"UDP Query User{0660E211-81C8-4DEE-8B5B-7DD00D11D43C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{083215DE-7052-4CB5-B89E-4498D4BA3B6F}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{81E1D8BB-E6FB-43B7-9CE3-1E054E487D89}D:\games\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=d:\games\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{83CBFC68-931B-431E-BEE6-D77FDB09D18E}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008C42A1-FB22-7DB4-618F-08E2C5059C0C}" = ccc-utility64
"{04573C2A-8756-E9F0-7878-C6029F6C7F25}" = AMD Drag and Drop Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit)
"{393D3B4C-1F95-CDD2-4F0A-395D99D5F553}" = AMD Accelerated Video Transcoding
"{4A6FE9F2-F6A2-452E-89C7-C24A9E2B804D}" = Panda Cloud Antivirus
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{53A19094-2C04-A9B9-7309-3E92152D4845}" = AMD Catalyst Install Manager
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6DB5331E-20A5-C1A7-E0E5-3A023C304389}" = AMD AVIVO64 Codecs
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{C0FFB192-3484-9AA0-7505-3A5B6688752F}" = AMD Media Foundation Decoders
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1B033E8-A077-4B0D-9831-5798E19E861E}" = Intel® Smart Connect Technology 2.0 x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"GIMP-2_is1" = GIMP 2.8.2
"HitmanPro37" = HitmanPro 3.7
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Nero 11 v11.2.4.100 (x64)11.2.4.100" = Nero 11 v11.2.4.100 (x64)
"Recuva" = Recuva
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1050A3D4-BC3B-4443-BD60-68C2BAE65EF4}" = CCC Help English
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1321BDD4-C5FC-BCFA-F281-7C66D5DE187F}" = CCC Help French
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1D6DF721-54B7-6AA4-2050-7E286CCE13E8}" = Catalyst Control Center
"{1EF73F13-8A60-7910-A59D-8F62A8BCD47D}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22E62B37-5D05-C5AD-F53E-691342495A45}" = CCC Help Spanish
"{23528772-43DB-1E20-E845-DB1CE00FBB10}" = CCC Help Danish
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}" = LEGO Racers 2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{476CD9DE-C45F-4443-BFA7-E51C58B7E455}" = Populous
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP MP3 Converter 4.3
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F32FD5A-6F9D-50FD-1896-0AEC107DE5D0}" = CCC Help Portuguese
"{60AAE030-8621-5187-F7CF-41A241698407}" = CCC Help Dutch
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{619DC4E1-DA11-48A1-4587-4E3E3D02D103}" = Catalyst Control Center Graphics Previews Common
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65A5E87D-7A3F-4819-807D-B86990D5F369}" = inSSIDer
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6F05E0AC-22D3-BE6E-05DD-623504F54FB2}" = CCC Help Chinese Standard
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7668B02B-DDDA-A67C-F86B-9D1061DD08CD}" = CCC Help Hungarian
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7BA420C3-3629-2AD6-19D0-0A6E27D6B782}" = CCC Help Thai
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play version 1.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EFA9357-75F9-EF3D-B7F9-BC913BA8DAC5}" = CCC Help Norwegian
"{90157C5D-D791-4D36-8C2B-7553DC01D601}" = ASUS VGA Driver
"{91DA5EBA-C240-289B-0AB4-6604CDE6A27F}" = CCC Help Czech
"{9711CA3C-614D-5B3B-E10F-062FD292075E}" = CCC Help Italian
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = REALTEK Wireless LAN Driver and Utility
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.4.0 "Legend"
"{9FCBD98D-F8B3-6ECC-5293-9C28817E3269}" = Catalyst Control Center InstallProxy
"{A0B1B905-88E8-CBBB-C936-0FFECD06BBDC}" = Catalyst Control Center Localization All
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AF749638-8C8C-84E8-DA4A-37D014824E33}" = CCC Help German
"{B0B4575E-EB62-1BDC-994A-A42ED7E8FF46}" = CCC Help Greek
"{B1504E18-0D34-1554-20FB-2BF6459D4683}" = CCC Help Russian
"{B90B9B89-2B62-B281-25C3-A59B189C249F}" = CCC Help Finnish
"{BA0F9EA0-1313-976B-4809-A5535AB8E207}" = HydraVision
"{BC4A54D6-6591-4D01-AE21-C9ABAAF69D7F}" = Microsoft Expression Encoder 4
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron version SRWare Iron 27.0.1500.0
"{C5ED3F69-3A6D-EA6E-EE57-342C0274FE5F}" = CCC Help Japanese
"{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}" = Firefall
"{DBD353DB-F37D-3CBB-65A7-0B3BA8634263}" = CCC Help Turkish
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Red Alert™ 3 Uprising
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E786AE85-8A30-4CF2-BF70-57404A5CD684}" = Windows Phone app for desktop
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE6EBBD2-C278-5F48-B021-C9314ABE7593}" = CCC Help Korean
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5C1211F-8F5E-B4BE-8046-3BB6B7944BA0}" = CCC Help Polish
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9EC30D1-F688-4708-9850-CB5120074AAA}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{FA115E3B-1A2D-F0F1-52CE-99D1BD346C08}" = CCC Help Chinese Traditional
"{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}" = MySQL Tools for 5.0
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Battlelog Web Plugins" = Battlelog Web Plugins
"Diablo III" = Diablo III
"Encoder_4.0.3205.0" = Microsoft Expression Encoder 4
"End of Nations Alpha" = End of Nations Alpha
"ESN Sonar-0.70.4" = ESN Sonar
"ffdshow_is1" = ffdshow v1.2.4453 [2012-05-21]
"Freemake Video Downloader_is1" = Freemake Video Downloader
"HeidiSQL_is1" = HeidiSQL 8.0.0.4396
"League of Legends 3.0.1" = League of Legends
"LEGO Racers" = LEGO Racers
"MakeMKV" = MakeMKV v1.8.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sniper Elite V2_is1" = Sniper Elite V2
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Sonique15" = Sonique
"SpywareBlaster_is1" = SpywareBlaster 5.0
"SQLRestore" = SQLRestore
"Star Trek Online" = Star Trek Online
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 15210" = Silent Hunter III
"Steam App 201310" = X3: Albion Prelude
"Steam App 206500" = AirMech
"Steam App 2820" = X3: Terran Conflict
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.8
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.2
"World of Warcraft" = World of Warcraft
"xampp" = XAMPP
"XCC Utilities" = XCC Utilities 1.47

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Google Chrome" = Google Chrome
"RIFT" = RIFT
"RockMelt" = RockMelt
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05/08/13 16:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 17:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 18:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 19:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 20:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 21:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 22:17:19 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 05/08/13 23:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 06/08/13 0:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

Error - 06/08/13 1:17:19 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Windows Driver Foundation - User-mode Driver Framework service
terminated unexpectedly. It has done this 1 time(s). The following corrective
action will be taken in 120000 milliseconds: Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The COM+ Event System service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7034
Description = The Function Discovery Provider Host service terminated unexpectedly.
It has done this 1 time(s).

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Network List Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 100 milliseconds:
Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Network Store Interface Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7034
Description = The Diagnostic Service Host service terminated unexpectedly. It has
done this 1 time(s).

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Cryptographic Services service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The DNS Client service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Workstation service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 08/07/13 18:14:12 | Computer Name = Calliope | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:12:46 AM on ?7/?9/?2013 was unexpected.


< End of report >

Edited by RupturedHope, 23 September 2013 - 02:07 AM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello RupturedHope,

When you come back tell me whether you have made any changes to your computer about the time this happened. For example did you change your security program at all?

For now

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#3
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
No changes. I would have rolled back with such thwartes


JRT log :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Dark on 28/09/13 at 4:43:17.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\freerip"
Successfully deleted: [Folder] "C:\Users\Dark\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\freerip"
Successfully deleted: [Folder] "C:\Program Files (x86)\yourfiledownloader"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/09/13 at 4:44:39.85
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by RupturedHope, 28 September 2013 - 02:18 AM.

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Thank you. :thumbsup:

I take it the Junkware one is on the way?
  • 0

#5
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Didn't realise there ought to be more than one log, so I reread your post and discovered I had not done this as administrator. Redid it as administrator, but still only got one log file :


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Dark on 28/09/13 at 13:49:48.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/09/13 at 13:51:10.37
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello RupturedHope,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

  • 0

#7
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Dark (administrator) on CALLIOPE on 28-09-2013 20:29:18
Running from C:\Users\Dark\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Elaborate Bytes AG) D:\Utilities\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(RockMelt Inc.) C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Users\Dark\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [6868280 2012-05-21] (Logitech Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SoniqueQuickStart] - D:\Utilities\Sonique\sqstart.exe [44832 2012-06-09] ()
HKCU\...\Run: [RockMelt Update] - C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [136336 2012-06-11] (RockMelt Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Dark\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-05] (Google Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-14] (AMD)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - D:\Utilities\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-05-28] (Panda Security, S.L.)

==================== Internet (Whitelisted) ====================

BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{8F95FE0D-B3D5-417F-8E9F-DF3AB98D3265}: [NameServer]93.182.182.93 93.182.132.32

FireFox:
========
FF ProfilePath: C:\Users\Dark\AppData\Roaming\Mozilla\Firefox\Profiles\3uy2jj20.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @us-w1.rockmelt.com/RockMelt Update;version=8 - C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ncr
CHR Extension: (Tab Expose) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ackpfhlmgjdjlohhjmbacaajbmkkklnp\2.0.5_0
CHR Extension: (Search by Image for Google\u2122) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdigejhabbnmfbbebmchkkjhcdjmeli\1.4_0
CHR Extension: (Hacker News - Show Full Domain) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\amenlkcfjlmchdpogjmdolblcjlcmdbp\1.0_0
CHR Extension: (Google Drive) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Mahadev Chrome Themes) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\baliefelillknjpaabnidahiijnnmccp\2_0
CHR Extension: (Session Manager) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0
CHR Extension: (Sexy Undo Close Tab) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.2.12_0
CHR Extension: (Apps list from context menu) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeheffmcecddlippefcefgnbhmfadab\0.2_0
CHR Extension: (Adblock Plus) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Scroll To Top Button) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\chiikmhgllekggjhdfjhajkfdkcngplp\6.2.4_0
CHR Extension: (FeedSquares - Supercharge your Google Reader) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkahgkblobiogkkeedfnjkldecloidi\1.4.0_0
CHR Extension: (Read Later Fast) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0
CHR Extension: (Gmelius - Ad Blocker and Better UI for Gmail\u2122) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl\5.7.4_0
CHR Extension: (Activate Ext) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibkkempcomnamcffldikmhkigmpjjno\0.1.0_0
CHR Extension: (Mega Button) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjoabpkbidaaiikahbmfebfabbchoca\1.0.6_0
CHR Extension: (Customize Menu) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\embakochaelgijbeolbbgnljfgpbeeoe\0.5.1.0_0
CHR Extension: (Black) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoonlphbpioekooiogpokkgbmjciceik\1.1_0
CHR Extension: (IP Geolocator) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadodjoencnnlijogpfpkmonlffhfdjp\1.3_0
CHR Extension: (Move left menu in Google Mail\u2122) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaboanbffefiogfnldddffmhpfpagcd\1.4.5_0
CHR Extension: (Bookmarks Menu) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi\3.4.15_0
CHR Extension: (Clutter) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopmmgbckkdhedhndlebkfnocagpgmnc\1.0.17_0
CHR Extension: (Daemon) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdidbmjnkdnlfbmfdomopeiimkfblolf\0.1.1_0
CHR Extension: (Full Screen Flash) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl\1.4_0
CHR Extension: (AdBlock) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0
CHR Extension: (Mibbit webchat) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi\1.12_0
CHR Extension: (TweetDeck) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.2_0
CHR Extension: (Extensions Home Page) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcbjgpfakllmhcnfmpmkhopfjmeidkan\1.2_0
CHR Extension: (AppJump App Launcher and Organizer) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccbinpobnjcpckmcfngmdpnbnjpmcbd\0.9.3_0
CHR Extension: (AirMech) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19212_0
CHR Extension: (TabJump - Intelligent Tab Navigator) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9.2_0
CHR Extension: (ShortCuts) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblhmendleblcobcmphbhljgkfgnjoch\0.2_0
CHR Extension: (IMG Rotate) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoonajankpbolkgbipphpmbhefkengn\1.0.4_0
CHR Extension: (Zoho Chat) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhciionmiegecfdffhjlcfanhikpppf\1.1_0
CHR Extension: (Lock Tab) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikalcnjojfkpleicbncjmnieimjlfe\0.8.2_0
CHR Extension: (TackyNotes) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kepjmeignbgkeglpbdmcendkoapjkekn\2.1_0
CHR Extension: (Minecraft Wiki Searcher) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffllhckohamkhicfkcncgjekbbfmbji\0.3_0
CHR Extension: (Methyl) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfkloiffecmklfldmohmlhaiicmpcch\2.0_0
CHR Extension: (TweetDeck Launcher) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk\2.0.1_0
CHR Extension: (Instant Sounds) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgiigejdempgibflnpfbimpgjhpofpj\1_0
CHR Extension: (NewFreeScreensavers) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdpfccfomdhboadcfaoffdebaajdkfh\2_0
CHR Extension: (Wet Banana) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljecomdaijmibecakcpjadigpfkollbh\0.4.1_0
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc\0.2.1.2_0
CHR Extension: (Download Master) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0
CHR Extension: (Badger) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffjibgogcfdddbofdobaognannnfgmf\1.0.1_0
CHR Extension: (Youtube Ad Free!) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknomlkddfakhoakpmkeleifdphdfamo\2.2.4_0
CHR Extension: (ScrewAds - Block, Skip, Remove YouTube Ads) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0
CHR Extension: (White Noise) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojghcdfgefcmgfidkgcamadlmaghfcm\1.6_0
CHR Extension: (Download) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0
CHR Extension: (Rename title) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0
CHR Extension: (Diet Diary) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\neckeibmjhibmgoigmffjlihekefmffd\1.1_0
CHR Extension: (WikiPreview) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlimegchokjpodijcknpbnhphchemmjm\0.3_0
CHR Extension: (MuteTab) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (TabCloud) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.17_0
CHR Extension: (Iconized Bookmarks Popup) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgonnihpamikjkfckpolamefpniicak\1.8.3_0
CHR Extension: (Original Minimalist Email) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npppajnlimcafecjepdjcijnoamopngp\1.6_0
CHR Extension: (Skip video ads on Youtube) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanobjfgoogmilhpmlciifoaflmojigf\0.1.1_0
CHR Extension: (Type Fu) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0
CHR Extension: (Apps Pop-up) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfnnibdimjiijaejcjeiannembnfca\1.4_0
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.16_0
CHR Extension: (Space Planet) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.1_0
CHR Extension: (Clearlook Scrollbar Theme) - C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfdcmehpgiojcjgpclmfnbnpdmcmbgo\0.2.0_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-09-22] (SurfRight B.V.)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-05-28] (Panda Security, S.L.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-08-22] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-05-28] (Panda Security, S.L.)
R2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)

==================== Drivers (Whitelisted) ====================

S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1600064 2011-06-08] (Ralink Technology Corp.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE1200w764.sys [1254464 2011-03-29] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [168680 2013-05-28] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122088 2013-05-28] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [205544 2013-05-28] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-05-28] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137448 2013-05-29] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-05-28] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-02-11] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-28] ()
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-28 20:29 - 2013-09-28 20:29 - 00000000 ____D C:\FRST
2013-09-28 20:26 - 2013-09-28 20:26 - 01953880 _____ (Farbar) C:\Users\Dark\Desktop\FRST64.exe
2013-09-28 13:51 - 2013-09-28 13:51 - 00000643 _____ C:\Users\Dark\Desktop\JRT.txt
2013-09-28 13:49 - 2013-04-29 09:17 - 00058808 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-09-28 04:39 - 2013-09-28 04:39 - 00000000 ____D C:\Windows\ERUNT
2013-09-28 04:38 - 2013-09-28 04:38 - 01030305 _____ (Thisisu) C:\Users\Dark\Desktop\JRT.exe
2013-09-22 23:25 - 2013-09-22 23:25 - 00067920 _____ C:\Users\Dark\Desktop\Extras.Txt
2013-09-22 23:24 - 2013-09-22 23:24 - 00109036 _____ C:\Users\Dark\Desktop\OTL.Txt
2013-09-22 23:19 - 2013-09-22 23:19 - 00602112 _____ (OldTimer Tools) C:\Users\Dark\Desktop\OTL.exe
2013-09-22 22:45 - 2013-09-22 22:45 - 00000000 ____D C:\Windows\Profiles\Default
2013-09-22 21:07 - 2013-09-22 21:07 - 00001896 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-09-22 21:07 - 2013-09-22 21:07 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-22 21:06 - 2013-09-22 21:11 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-22 18:40 - 2013-09-22 18:40 - 00000000 ____D C:\Users\Dark\Desktop\Monitor_Acer_1.0_Win7VistaXPx86x64_G225HQV
2013-09-22 18:10 - 2013-09-22 18:10 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 18:10 - 2013-09-22 18:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 18:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-22 09:25 - 2013-09-13 16:50 - 00000000 ____D C:\Users\Dark\Desktop\X - Rebirth Soundtrack
2013-09-22 09:25 - 2013-09-13 16:38 - 00000000 ____D C:\Users\Dark\Desktop\X3 - Albion Prelude Soundtrack
2013-09-21 00:29 - 2013-09-21 00:29 - 00000020 _____ C:\Users\Dark\Desktop\period.txt
2013-09-20 18:41 - 2013-09-20 18:41 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-19 19:09 - 2013-09-19 19:09 - 00001670 _____ C:\Users\Dark\Desktop\New Text Document.txt
2013-09-09 16:41 - 2013-09-09 23:52 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-09-09 16:40 - 2013-09-09 16:41 - 00000000 ____D C:\Users\Dark\AppData\Local\Overwolf
2013-09-05 00:42 - 2013-09-05 00:43 - 00000000 ____D C:\Users\Dark\Documents\Freemake
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\ProgramData\Freemake
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\Program Files\WinPcap
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-08-29 12:37 - 2013-08-29 12:37 - 00000000 ____D C:\Users\Dark\AppData\Roaming\LolClient
2013-08-29 11:11 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-08-29 11:11 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-08-29 11:11 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-08-29 11:10 - 2013-09-22 19:17 - 00000000 ____D C:\Users\Dark\AppData\Local\PMB Files
2013-08-29 11:10 - 2013-09-22 19:17 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-29 11:09 - 2013-08-29 11:10 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Riot Games

==================== One Month Modified Files and Folders =======

2013-09-28 20:29 - 2013-09-28 20:29 - 00000000 ____D C:\FRST
2013-09-28 20:29 - 2012-06-02 17:33 - 00000000 ____D C:\Users\Dark\AppData\Roaming\vlc
2013-09-28 20:26 - 2013-09-28 20:26 - 01953880 _____ (Farbar) C:\Users\Dark\Desktop\FRST64.exe
2013-09-28 20:17 - 2012-06-11 17:12 - 00000924 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
2013-09-28 19:48 - 2012-06-17 11:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-28 19:38 - 2012-08-05 09:22 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
2013-09-28 17:17 - 2012-06-11 17:12 - 00000872 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
2013-09-28 13:56 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-28 13:56 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-28 13:55 - 2009-07-14 07:13 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-28 13:52 - 2012-05-31 08:36 - 01427664 _____ C:\Windows\WindowsUpdate.log
2013-09-28 13:51 - 2013-09-28 13:51 - 00000643 _____ C:\Users\Dark\Desktop\JRT.txt
2013-09-28 13:49 - 2013-07-23 19:54 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-09-28 13:49 - 2013-02-04 18:02 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-09-28 13:49 - 2010-11-21 05:47 - 00047192 _____ C:\Windows\PFRO.log
2013-09-28 13:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-28 13:49 - 2009-07-14 06:51 - 00121032 _____ C:\Windows\setupact.log
2013-09-28 04:39 - 2013-09-28 04:39 - 00000000 ____D C:\Windows\ERUNT
2013-09-28 04:39 - 2012-12-10 19:09 - 00000000 ____D C:\Users\Dark\AppData\Roaming\uTorrent
2013-09-28 04:38 - 2013-09-28 04:38 - 01030305 _____ (Thisisu) C:\Users\Dark\Desktop\JRT.exe
2013-09-28 03:38 - 2012-08-05 09:22 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
2013-09-27 15:20 - 2013-07-27 19:17 - 00000000 ____D C:\Users\Dark\AppData\Roaming\.minecraft
2013-09-26 05:54 - 2012-06-07 00:10 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Skype
2013-09-22 23:25 - 2013-09-22 23:25 - 00067920 _____ C:\Users\Dark\Desktop\Extras.Txt
2013-09-22 23:24 - 2013-09-22 23:24 - 00109036 _____ C:\Users\Dark\Desktop\OTL.Txt
2013-09-22 23:19 - 2013-09-22 23:19 - 00602112 _____ (OldTimer Tools) C:\Users\Dark\Desktop\OTL.exe
2013-09-22 22:45 - 2013-09-22 22:45 - 00000000 ____D C:\Windows\Profiles\Default
2013-09-22 21:11 - 2013-09-22 21:06 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-22 21:07 - 2013-09-22 21:07 - 00001896 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-09-22 21:07 - 2013-09-22 21:07 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-22 20:39 - 2013-07-09 13:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-22 20:38 - 2013-07-09 13:11 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-09-22 20:37 - 2012-06-02 17:38 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utilities
2013-09-22 19:17 - 2013-08-29 11:10 - 00000000 ____D C:\Users\Dark\AppData\Local\PMB Files
2013-09-22 19:17 - 2013-08-29 11:10 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-22 18:40 - 2013-09-22 18:40 - 00000000 ____D C:\Users\Dark\Desktop\Monitor_Acer_1.0_Win7VistaXPx86x64_G225HQV
2013-09-22 18:10 - 2013-09-22 18:10 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 18:10 - 2013-09-22 18:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 00:29 - 2013-09-21 00:29 - 00000020 _____ C:\Users\Dark\Desktop\period.txt
2013-09-20 23:54 - 2012-09-04 23:32 - 00000000 ___RD C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-20 23:54 - 2012-05-31 08:35 - 00000000 ____D C:\Users\Dark
2013-09-20 18:41 - 2013-09-20 18:41 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-19 19:09 - 2013-09-19 19:09 - 00001670 _____ C:\Users\Dark\Desktop\New Text Document.txt
2013-09-15 14:02 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Dark\Desktop\Calvin Harris Feat. Ellie Goulding - I Need Your Love
2013-09-13 16:50 - 2013-09-22 09:25 - 00000000 ____D C:\Users\Dark\Desktop\X - Rebirth Soundtrack
2013-09-13 16:38 - 2013-09-22 09:25 - 00000000 ____D C:\Users\Dark\Desktop\X3 - Albion Prelude Soundtrack
2013-09-11 16:29 - 2012-12-10 19:11 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-09-11 01:48 - 2012-06-17 11:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 01:48 - 2012-06-07 07:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 01:48 - 2012-06-07 07:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-09 23:52 - 2013-09-09 16:41 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-09-09 16:41 - 2013-09-09 16:40 - 00000000 ____D C:\Users\Dark\AppData\Local\Overwolf
2013-09-09 13:07 - 2012-06-02 11:52 - 00274582 _____ C:\Windows\DirectX.log
2013-09-05 00:43 - 2013-09-05 00:42 - 00000000 ____D C:\Users\Dark\Documents\Freemake
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\ProgramData\Freemake
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\Program Files\WinPcap
2013-09-05 00:42 - 2013-09-05 00:42 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-09-02 19:37 - 2013-06-26 09:33 - 00000000 ____D C:\foto's Jw
2013-09-02 19:12 - 2012-06-30 10:24 - 00000000 ____D C:\Users\Dark\AppData\Roaming\dvdcss
2013-08-29 12:37 - 2013-08-29 12:37 - 00000000 ____D C:\Users\Dark\AppData\Roaming\LolClient
2013-08-29 11:10 - 2013-08-29 11:09 - 00000000 ____D C:\Users\Dark\AppData\Roaming\Riot Games

Some content of TEMP:
====================
C:\Users\Dark\AppData\Local\Temp\COMAP.EXE
C:\Users\Dark\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dark\AppData\Local\Temp\drm_dyndata_7380006.dll
C:\Users\Dark\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Dark\AppData\Local\Temp\FreemakeVideoDownloader_3.5.4.0.exe
C:\Users\Dark\AppData\Local\Temp\htmlayout.dll
C:\Users\Dark\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Dark\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Dark\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Dark\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dark\AppData\Local\Temp\sonarinst.exe
C:\Users\Dark\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Dark\AppData\Local\Temp\tmp2878.exe
C:\Users\Dark\AppData\Local\Temp\tmp4684.exe
C:\Users\Dark\AppData\Local\Temp\tmp4A4C.exe
C:\Users\Dark\AppData\Local\Temp\tmp4BD3.exe
C:\Users\Dark\AppData\Local\Temp\Uninstall.exe
C:\Users\Dark\AppData\Local\Temp\uninstall31820927.exe
C:\Users\Dark\AppData\Local\Temp\utt3DE6.tmp.exe
C:\Users\Dark\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Dark\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Dark\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Dark\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Dark\AppData\Local\Temp\_is7B67.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 04:48

==================== End Of Log ============================



Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by Dark at 2013-09-28 20:29:46
Running from C:\Users\Dark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Panda Cloud Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Cloud Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.1.30017)
µTorrent (x32 Version: 3.3.0.29625)
Adobe AIR (x32 Version: 3.4.0.2540)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
AION Free-to-Play version 1.0 (x32 Version: 1.0)
AirMech (x32)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD AVIVO64 Codecs (Version: 12.3.103.20214)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0)
Asmedia ASM106x SATA Host Controller Driver (x32)
ASRock App Charger v1.0.5
ASUS VGA Driver (x32 Version: 3.0.0.1)
Bass Audio Decoder (remove only) (x32)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
Broadcom NetLink Controller (Version: 14.8.5.1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Command & Conquer The First Decade (x32 Version: 1.00.0000)
Command & Conquer™ Red Alert™ 3 Uprising (x32 Version: 1.0.1.0)
Curse Client (HKCU Version: 5.1.1.644)
Diablo III (x32 Version: 1.0.8.16603)
End of Nations Alpha (x32 Version: 1.0.0.0)
ESN Sonar (x32 Version: 0.70.4)
Fallout 3 (x32 Version: 1.00.0000)
ffdshow v1.2.4453 [2012-05-21] (x32 Version: 1.2.4453.0)
Firefall (x32)
Freemake Video Downloader (x32 Version: 3.5.4)
FreeRIP MP3 Converter 4.3 (x32 Version: 4.3)
Futuremark SystemInfo (x32 Version: 4.6.0)
Gameforge Live 1.4.0 "Legend" (x32 Version: 1.4.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (HKCU Version: 29.0.1547.76)
HeidiSQL 8.0.0.4396 (x32 Version: 8.0)
HitmanPro 3.7 (Version: 3.7.7.205)
HydraVision (x32 Version: 4.2.230.0)
inSSIDer (x32 Version: 2.1.6)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® OpenCL CPU Runtime (x32)
Intel® Processor Graphics (x32 Version: 8.15.10.2618)
Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel® Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.3.214)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
League of Legends (x32 Version: 3.0.1)
LEGO Racers (x32)
LEGO Racers 2 (x32)
Logitech Gaming Software (Version: 8.30.86)
Logitech Gaming Software 8.30 (Version: 8.30.86)
MakeMKV v1.8.0 (x32 Version: v1.8.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mass Effect (x32 Version: 1.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0)
Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.3205.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (x32 Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (Version: 1.6.6.6957)
MySQL Tools for 5.0 (x32 Version: 5.0.17)
Nero 11 v11.2.4.100 (x64) (Version: 11.2.4.100)
Network Stumbler 0.4.0 (remove only) (x32)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Opera 12.16 (x32 Version: 12.16.1860)
Origin (x32 Version: 9.3.1.4482)
Panda Cloud Antivirus (Version: 6.02.00.0000)
Panda Cloud Antivirus (x32 Version: 02.02.00.0000)
Pando Media Booster (x32 Version: 2.6.0.7)
Pidgin (x32 Version: 2.10.6)
Populous (x32 Version: 1.0.0.0)
PowerISO (x32 Version: 4.7)
PunkBuster Services (x32 Version: 0.991)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6559)
REALTEK Wireless LAN Driver and Utility (x32 Version: 1.00.0179)
Recuva (Version: 1.47)
RIFT (HKCU)
RockMelt (HKCU Version: 0.16.91.483)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000)
Silent Hunter III (x32)
Skype™ 6.6 (x32 Version: 6.6.106)
Sniper Elite V2 (x32)
Sniper Ghost Warrior (x32)
Sonique (x32)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SQLRestore (x32)
SRWare Iron version SRWare Iron 27.0.1500.0 (x32 Version: SRWare Iron 27.0.1500.0)
Star Trek Online (x32)
StarCraft II (x32 Version: 2.0.9.26147)
Steam (x32 Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1020)
TeamSpeak 3 Client (Version: 3.0.12)
TeamViewer 7 (x32 Version: 7.0.15723)
TERA (x32 Version: 16.04)
Terraria (x32)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VirtualCloneDrive (x32)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Winamp (x32 Version: 5.623 )
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Phone app for desktop (x32 Version: 1.0.1720.1)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
World of Warcraft (x32 Version: 5.2.0.16769)
X3: Albion Prelude (x32)
X3: Terran Conflict (x32)
XAMPP (x32 Version: 1.8.2-0)
XCC Utilities 1.47 (x32)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777)

==================== Restore Points =========================

09-09-2013 11:07:33 Installed DirectX
09-09-2013 21:46:04 Removed Overwolf
17-09-2013 19:24:11 Scheduled Checkpoint
22-09-2013 16:41:52 Device Driver Package Install: ACER Monitors

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01632409-F4A8-4BC7-8404-C06CD45E6DD2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core => C:\Users\Dark\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {6734E6D6-14B7-417D-B20E-C01208BB1B29} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA => C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-06-11] (RockMelt Inc.)
Task: {72ED6EB0-8A55-4A0F-A8ED-61E931C0E34E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {806EC7EF-0634-444E-8CE5-F587285745A3} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {BFE15F91-EB53-445B-B7D3-6B901826E5B4} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core => C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-06-11] (RockMelt Inc.)
Task: {E1FB68DC-B76F-4C42-904F-5FC49DEB5C95} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA => C:\Users\Dark\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job => C:\Users\Dark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job => C:\Users\Dark\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job => C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job => C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-31 08:44 - 2012-01-05 11:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-02 11:55 - 2011-03-02 12:40 - 00164864 ____C () D:\Utilities\WinRAR\rarext.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\SQLite3.dll
2012-12-04 16:49 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2012-12-04 16:50 - 2011-07-15 12:03 - 00693760 ____R () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\P2PLib.dll
2013-02-04 17:55 - 2013-02-04 17:55 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a21ece5c049c9f429756fd1a3fe55ccd\IsdiInterop.ni.dll
2012-05-31 21:01 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-09-19 20:39 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-19 20:39 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-19 20:39 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-19 20:39 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-19 20:39 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-19 20:39 - 2013-09-17 05:21 - 13611984 _____ () C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Faulty Device Manager Devices =============

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2013 08:17:14 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 07:17:14 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 06:17:14 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 05:17:16 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 04:23:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/28/2013 04:17:14 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 03:17:14 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 02:17:15 PM) (Source: Google Update) (User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (09/28/2013 08:17:14 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 07:17:14 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 06:17:14 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 05:17:16 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 04:23:08 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"D:\Utilities\Winamp\Plugins\gen_G15Display.dll

Error: (09/28/2013 04:17:14 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 03:17:14 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (09/28/2013 02:17:15 PM) (Source: Google Update)(User: Calliope)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8086.38 MB
Available physical RAM: 5912.94 MB
Total Pagefile: 16170.96 MB
Available Pagefile: 13338.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:119.14 GB) (Free:19.77 GB) NTFS
Drive d: (HDD) (Fixed) (Total:1863.01 GB) (Free:779.54 GB) NTFS
Drive e: (HDD2) (Fixed) (Total:1863.01 GB) (Free:90.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AE46A490)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA7C6075)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: D0F081FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.
After that

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
So when you return please post
  • OTL fix txt
  • checkup.txt

  • 0

#9
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
09282013_221935.log

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dark\Desktop\cmd.bat deleted successfully.
C:\Users\Dark\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Dark
->Temp folder emptied: 913003909 bytes
->Temporary Internet Files folder emptied: 61408975 bytes
->Java cache emptied: 147614 bytes
->FireFox cache emptied: 269228973 bytes
->Google Chrome cache emptied: 279769985 bytes
->Opera cache emptied: 57399285 bytes
->Flash cache emptied: 15526679 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12322288 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67697 bytes
RecycleBin emptied: 57781725 bytes

Total Files Cleaned = 1,590.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09282013_221935

Files\Folders moved on Reboot...
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



checkup.txt

Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is disabled!)
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Panda Cloud Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java 7 Update 25
Adobe Flash Player 11.8.800.168
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox 22.0 Firefox out of Date!
Google Chrome 29.0.1547.66
Google Chrome 29.0.1547.76
````````Process Check: objlist.exe by Laurent````````
Panda Security Panda Cloud Antivirus PSANHost.exe
Panda Security Panda Cloud Antivirus PSUAService.exe
Panda Security Panda Cloud Antivirus PSUAMain.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Your Firefox browser is out of date. If you use it then go to Help > About Firefox and it will check for updates.

If you don't use it then you may as well uninstall it.

Step 2

Your Adobe Acrobat Reader is out of date. Older versions are vunerable to attack.

Please go to the link below to update.

Note: Before you download ensure you uncheck the "Yes install Chrome as default browser and Google Toolbar for Internet Explorer" or any other third party software option. That is foistware.

http://www.adobe.com.../readstep2.html

Note: From time to time software suppliers change the foistware options so it may not show the one quoted in the instructions above. Just take care to untick any boxes offering an option to download or install any other program.

Next

Care: Do not download and use if your hard drive is SSD (Solid State Disk).


Providing you hard drive is not SSD please download Auslogics Disk Defrag and save it to your Desktop.

Double click and follow the prompts to install it. Note: only install the defrag utility. Some versions come with Askbar toolbars... do not install those or any other foistware that might be promoted.

Once installed, run the defrag utility.

At the end the utility may tell you that it has found Junk Files and recommend that you run a scan to remove. Disregard that suggestion, it is a promotion of a tool you don't need. All we are interested in here is the defrag. process.

Note: Do not download Windows Registry Cleaner which is promoted at the same site.

After that

How to run Chkdsk in Vista:

  • Right click on the Start > Explore.
  • Select the hard drive letter (usually local disk C) for which you want to run the Chkdsk utility.
  • Right-click on the driver letter and select Properties > Tools.
  • Under the Error-Checking section of the window, click the Check Now button. If you have User Account Controls enabled, a window will pop up asking permission to continue. Click Continue.
  • Click to have Chkdsk Automatically fix file system errors and to Scan for and attempt recovery of bad sectors.
  • Click Start.

Chkdsk will not run if the drive you wish to check is in use. You will requested to schedule Chkdsk. Click Schedule Check Disk, it then will run the next time you boot your computer. Turn off the computer and then turn it back on, Chkdsk will run.

Finally in this post

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.

  • 0

Advertisements


#11
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
I've updated FF & Adobe, but had to queue the checkdisk operation on my three disks for tonight while I sleep.
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
No problem catch you tomorrow.

By the way did you look at the defrag? You C: drive is showing at 20% fragmentation which is very high.

I guess if you have an SSD hard drive you won't be able to do it but if not, it should make a difference.
  • 0

#13
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
My C's an SSD, so I skipped that part. :thumbsup:
  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
:thumbsup:
  • 0

#15
RupturedHope

RupturedHope

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
The scan of my two large drives took more than all night, i had to cancel to be able to post.
I will be queing one of them for scanning tonight, but if that takes longer than the night I'll just unhook the two media drives for the purposes of this diagnosis.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP