I have a strange issue with my download speed that started out of the blue today just before I started playing LoL. At first I assumed the servers were busy, but once I alt-tabbed and looked at speedtest.nl, it turned out I had suddenly dropped to .7Mbit down, while up was unaffected. I grabbed my laptop, and it had no issues. I ran MBAM SB and HMP, to no avail. They did mention Conduit.A and one other PUP, but after the first removal they did not return. No other issues popped up, so I'm completely at a loss.
OTL log:
OTL logfile created on: 22/09/13 23:21:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dark\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy
7.90 Gb Total Physical Memory | 6.24 Gb Available Physical Memory | 79.00% Memory free
15.79 Gb Paging File | 13.65 Gb Available in Paging File | 86.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 21.40 Gb Free Space | 17.96% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 779.85 Gb Free Space | 41.86% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 99.33 Gb Free Space | 5.33% Space Free | Partition Type: NTFS
Computer Name: CALLIOPE | User Name: Dark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/09/22 23:19:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
PRC - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2013/05/28 11:42:23 | 000,032,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2012/01/26 19:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
========== Modules (No Company Name) ==========
MOD - [2013/09/17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013/09/17 05:21:26 | 013,611,984 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
MOD - [2013/09/17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013/09/17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013/09/17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013/09/17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/09/22 21:07:10 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2013/05/23 22:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/12/19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/02/09 17:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/09/11 01:48:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/08/22 13:11:11 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/09 06:41:31 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/12 08:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/16 17:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nCU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/22 22:52:23 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/05/29 17:16:45 | 000,137,448 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2013/05/29 05:55:24 | 000,246,504 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM)
DRV:64bit: - [2013/05/29 05:55:24 | 000,106,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC)
DRV:64bit: - [2013/05/29 05:55:23 | 000,118,504 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV)
DRV:64bit: - [2013/05/29 05:55:23 | 000,114,920 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV:64bit: - [2013/05/29 05:55:22 | 000,305,896 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT)
DRV:64bit: - [2013/05/29 05:55:22 | 000,119,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3)
DRV:64bit: - [2013/05/29 05:55:22 | 000,069,864 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV:64bit: - [2013/05/29 05:55:21 | 000,114,920 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS)
DRV:64bit: - [2013/05/29 05:55:21 | 000,109,288 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV:64bit: - [2013/05/29 05:55:21 | 000,095,464 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC)
DRV:64bit: - [2013/05/29 05:55:20 | 000,122,088 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP)
DRV:64bit: - [2013/05/29 05:55:20 | 000,091,368 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC)
DRV:64bit: - [2013/05/28 11:25:41 | 000,105,704 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSINReg.sys -- (PSINReg)
DRV:64bit: - [2013/05/28 11:25:40 | 000,205,544 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2013/05/28 11:25:40 | 000,124,648 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2013/05/28 11:25:05 | 000,122,088 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2013/05/28 11:25:04 | 000,168,680 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2013/04/29 09:17:30 | 000,058,808 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/02/09 17:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/02/09 17:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012/02/09 17:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2012/01/26 19:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/26 19:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/26 19:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/05 13:36:54 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/05 21:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/08 10:41:16 | 001,600,064 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ae1000w7.sys -- (AE1000)
DRV:64bit: - [2011/05/10 17:28:48 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011/05/09 21:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/04/11 21:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011/04/11 21:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2011/03/29 18:15:00 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AE1200w764.sys -- (Linksys_adapter_H)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/02/11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2011/02/11 03:36:14 | 000,848,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2011/01/15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/11/24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 20:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dark\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/05/29 22:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dark\AppData\Roaming\Mozilla\Extensions
[2013/07/09 06:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/09 06:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/09 06:41:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google NCR (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com/ncr
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dark\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Disabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dark\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: RockMelt Update (Disabled) = C:\Users\Dark\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - Extension: Tab Expose = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ackpfhlmgjdjlohhjmbacaajbmkkklnp\2.0.5_0\
CHR - Extension: Search by Image for Google\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdigejhabbnmfbbebmchkkjhcdjmeli\1.4_0\
CHR - Extension: Hacker News - Show Full Domain = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\amenlkcfjlmchdpogjmdolblcjlcmdbp\1.0_0\
CHR - Extension: Google Drive = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Mahadev Chrome Themes = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\baliefelillknjpaabnidahiijnnmccp\2_0\
CHR - Extension: Session Manager = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Sexy Undo Close Tab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.2.12_0\
CHR - Extension: Apps list from context menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeheffmcecddlippefcefgnbhmfadab\0.2_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Adblock Plus = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_1\
CHR - Extension: Scroll To Top Button = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\chiikmhgllekggjhdfjhajkfdkcngplp\6.2.4_0\
CHR - Extension: FeedSquares - Supercharge your Google Reader = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkahgkblobiogkkeedfnjkldecloidi\1.4.0_0\
CHR - Extension: Read Later Fast = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0\
CHR - Extension: Gmelius - Ad Blocker and Better UI for Gmail\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl\5.7.4_0\
CHR - Extension: Activate Ext = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibkkempcomnamcffldikmhkigmpjjno\0.1.0_0\
CHR - Extension: Mega Button = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjoabpkbidaaiikahbmfebfabbchoca\1.0.6_0\
CHR - Extension: Customize Menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\embakochaelgijbeolbbgnljfgpbeeoe\0.5.1.0_0\
CHR - Extension: Black = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoonlphbpioekooiogpokkgbmjciceik\1.1_0\
CHR - Extension: IP Geolocator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadodjoencnnlijogpfpkmonlffhfdjp\1.3_0\
CHR - Extension: IP Geolocator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadodjoencnnlijogpfpkmonlffhfdjp\1.3_0\~
CHR - Extension: Move left menu in Google Mail\u2122 = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaboanbffefiogfnldddffmhpfpagcd\1.4.5_0\
CHR - Extension: Bookmarks Menu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi\3.4.15_0\
CHR - Extension: Clutter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopmmgbckkdhedhndlebkfnocagpgmnc\1.0.17_0\
CHR - Extension: Daemon = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdidbmjnkdnlfbmfdomopeiimkfblolf\0.1.1_0\
CHR - Extension: Full Screen Flash = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl\1.4_0\
CHR - Extension: AdBlock = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: AdBlock = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0\
CHR - Extension: Mibbit webchat = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi\1.12_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.2_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.4_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.5_0\
CHR - Extension: Extensions Home Page = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcbjgpfakllmhcnfmpmkhopfjmeidkan\1.2_0\
CHR - Extension: AppJump App Launcher and Organizer = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccbinpobnjcpckmcfngmdpnbnjpmcbd\0.9.3_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19212_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19378_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19454_0\
CHR - Extension: AirMech = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\19589_0\
CHR - Extension: TabJump - Intelligent Tab Navigator = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf\0.7.9.2_0\
CHR - Extension: ShortCuts = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblhmendleblcobcmphbhljgkfgnjoch\0.2_0\
CHR - Extension: IMG Rotate = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoonajankpbolkgbipphpmbhefkengn\1.0.4_0\
CHR - Extension: Zoho Chat = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhciionmiegecfdffhjlcfanhikpppf\1.1_0\
CHR - Extension: Lock Tab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikalcnjojfkpleicbncjmnieimjlfe\0.8.2_0\
CHR - Extension: TackyNotes = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kepjmeignbgkeglpbdmcendkoapjkekn\2.1_0\
CHR - Extension: Minecraft Wiki Searcher = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffllhckohamkhicfkcncgjekbbfmbji\0.3_0\
CHR - Extension: Methyl = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfkloiffecmklfldmohmlhaiicmpcch\2.0_0\
CHR - Extension: TweetDeck Launcher = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk\2.0.1_0\
CHR - Extension: Instant Sounds = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgiigejdempgibflnpfbimpgjhpofpj\1_0\
CHR - Extension: NewFreeScreensavers = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdpfccfomdhboadcfaoffdebaajdkfh\2_0\
CHR - Extension: Wet Banana = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljecomdaijmibecakcpjadigpfkollbh\0.4.1_0\
CHR - Extension: Extensions Manager (aka Switcher) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc\0.2.1.2_0\
CHR - Extension: Download Master = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0\
CHR - Extension: Badger = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffjibgogcfdddbofdobaognannnfgmf\1.0.1_0\
CHR - Extension: Youtube Ad Free! = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknomlkddfakhoakpmkeleifdphdfamo\2.2.4_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: White Noise = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojghcdfgefcmgfidkgcamadlmaghfcm\1.6_0\
CHR - Extension: Download = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: Diet Diary = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\neckeibmjhibmgoigmffjlihekefmffd\1.1_0\
CHR - Extension: WikiPreview = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlimegchokjpodijcknpbnhphchemmjm\0.3_0\
CHR - Extension: MuteTab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.2_0\
CHR - Extension: MuteTab = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.5_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: TabCloud = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.17_0\
CHR - Extension: Iconized Bookmarks Popup = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgonnihpamikjkfckpolamefpniicak\1.8.3_0\
CHR - Extension: Original Minimalist Email = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\npppajnlimcafecjepdjcijnoamopngp\1.6_0\
CHR - Extension: Skip video ads on Youtube = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanobjfgoogmilhpmlciifoaflmojigf\0.1.1_0\
CHR - Extension: Type Fu = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Apps Pop-up = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfnnibdimjiijaejcjeiannembnfca\1.4_0\
CHR - Extension: Send from Gmail (by Google) = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.16_0\
CHR - Extension: Space Planet = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.1_0\
CHR - Extension: Clearlook Scrollbar Theme = C:\Users\Dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfdcmehpgiojcjgpclmfnbnpdmcmbgo\0.2.0_0\
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Utilities\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [RockMelt Update] C:\Users\Dark\AppData\Local\RockMelt\Update\RockMeltUpdate.exe (RockMelt Inc.)
O4 - HKCU..\Run: [SoniqueQuickStart] D:\Utilities\Sonique\sqstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{240FD767-8FD3-431A-99B0-1A0B4DF9265C}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24C41BCA-3295-408C-9740-A34101EA25EA}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{761A5FCD-1B86-4892-B151-A80A44DF3373}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F95FE0D-B3D5-417F-8E9F-DF3AB98D3265}: NameServer = 93.182.182.93 93.182.132.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ADB447E-906F-4B2C-9A70-FB7FE8A3C57B}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B42D4D8C-B48D-4252-92C2-9DE65625CBC4}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E48CBC3A-5D06-4BA3-8919-2BFAE68293E5}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/09/22 23:19:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
[2013/09/22 22:52:24 | 000,058,808 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2013/09/22 22:45:41 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2013/09/22 22:45:41 | 000,000,000 | ---D | C] -- C:\Windows\Favorites
[2013/09/22 21:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/09/22 21:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/09/22 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\Monitor_Acer_1.0_Win7VistaXPx86x64_G225HQV
[2013/09/22 18:10:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/09/22 18:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/22 09:25:19 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\X - Rebirth Soundtrack
[2013/09/22 09:25:09 | 000,000,000 | ---D | C] -- C:\Users\Dark\Desktop\X3 - Albion Prelude Soundtrack
[2013/09/20 18:41:56 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/09/09 16:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2013/09/09 16:40:27 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Local\Overwolf
[2013/09/05 00:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/09/05 00:42:07 | 000,000,000 | ---D | C] -- C:\Users\Dark\Documents\Freemake
[2013/09/05 00:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2013/09/05 00:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2013/08/29 12:37:52 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\LolClient
[2013/08/29 11:11:06 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013/08/29 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Local\PMB Files
[2013/08/29 11:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/08/29 11:09:45 | 000,000,000 | ---D | C] -- C:\Users\Dark\AppData\Roaming\Riot Games
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/09/22 23:19:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dark\Desktop\OTL.exe
[2013/09/22 23:17:29 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
[2013/09/22 22:59:29 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/22 22:59:29 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/22 22:59:17 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/22 22:59:17 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/22 22:59:17 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/22 22:52:23 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013/09/22 22:52:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/22 22:52:15 | 2064,416,767 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/22 22:45:41 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013/09/22 21:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/22 21:38:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000UA.job
[2013/09/22 21:07:10 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/09/22 18:10:16 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/22 17:17:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
[2013/09/22 03:38:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3078208923-4164391845-252134557-1000Core.job
[2013/09/20 05:42:12 | 000,460,951 | ---- | M] () -- C:\Users\Dark\Untitled.jpg
[2013/08/28 02:19:24 | 004,681,789 | ---- | M] () -- C:\Users\Dark\Desktop\04.wmv
[2013/08/28 02:19:17 | 004,441,783 | ---- | M] () -- C:\Users\Dark\Desktop\03.wmv
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/09/22 22:45:41 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013/09/22 21:07:10 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/09/22 18:10:16 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/20 05:42:12 | 000,460,951 | ---- | C] () -- C:\Users\Dark\Untitled.jpg
[2013/08/28 02:19:20 | 004,681,789 | ---- | C] () -- C:\Users\Dark\Desktop\04.wmv
[2013/08/28 02:19:14 | 004,441,783 | ---- | C] () -- C:\Users\Dark\Desktop\03.wmv
[2013/08/22 13:11:13 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/22 13:11:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/06/29 17:52:00 | 000,002,740 | ---- | C] () -- C:\Windows\cdplayer.ini
[2013/06/29 17:50:17 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2013/06/29 15:01:09 | 000,028,820 | ---- | C] () -- C:\Windows\SysWow64\sintfnt.dll
[2013/06/29 15:01:09 | 000,017,836 | ---- | C] () -- C:\Windows\SysWow64\sintf32.dll
[2013/06/29 15:01:09 | 000,012,066 | ---- | C] () -- C:\Windows\SysWow64\sintf16.dll
[2013/06/24 11:24:24 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/06/24 11:24:24 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013/06/23 18:33:10 | 001,322,753 | ---- | C] () -- C:\Users\Dark\Nokia_Lumia_920_UG_en_GB.pdf
[2013/04/30 15:18:29 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013/04/03 04:39:02 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/02/27 11:16:40 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/12/22 04:25:05 | 000,000,218 | ---- | C] () -- C:\Users\Dark\.recently-used.xbel
[2012/12/04 16:49:26 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/12/02 21:18:33 | 000,000,193 | ---- | C] () -- C:\Windows\wordpad.INI
[2012/11/27 17:10:20 | 000,000,845 | ---- | C] () -- C:\Users\Dark\AppData\Local\recently-used.xbel
[2012/10/17 07:04:51 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/08 18:12:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2012/09/05 15:31:36 | 000,000,258 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/08/05 09:21:16 | 000,660,069 | ---- | C] () -- C:\Users\Dark\bookmarks_8_5_12.html
[2012/07/24 21:44:56 | 001,717,563 | ---- | C] () -- C:\Users\Dark\Moeder's LG Magnetron .pdf
[2012/05/31 21:49:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/31 21:48:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/05/31 21:48:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/31 21:48:07 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/05/31 08:44:21 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012/05/31 08:44:21 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/05/31 08:44:21 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/05/31 08:44:21 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/31 08:43:56 | 000,007,597 | ---- | C] () -- C:\Users\Dark\AppData\Local\resmon.resmoncfg
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/09/19 17:59:35 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\.minecraft
[2013/02/08 07:50:38 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\.purple
[2013/05/04 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Bioshock
[2012/11/21 20:55:41 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Carbon
[2013/07/18 08:48:15 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\EoN
[2012/12/21 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\gtk-2.0
[2013/07/25 16:35:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\HeidiSQL
[2012/06/12 01:49:07 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Leadertech
[2013/08/29 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\LolClient
[2012/07/07 22:41:49 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\My Games
[2013/07/25 16:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\MySQL
[2012/07/15 13:03:59 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\OpenOffice.org
[2013/07/15 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Opera
[2013/07/15 14:40:28 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Opera Software
[2013/08/19 01:44:17 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Origin
[2012/08/06 18:18:42 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Panda Security
[2012/09/17 06:06:44 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Radio538DesktopPlayer.by.StingR.com
[2012/09/17 15:55:21 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\RIFT
[2013/08/29 11:10:51 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Riot Games
[2012/12/30 16:11:56 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\RobotSoft
[2012/12/10 21:06:14 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\Spotify
[2012/10/23 20:34:46 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\TeamViewer
[2012/09/12 10:12:47 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\ts3overlay
[2012/12/21 16:27:48 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\ts3overlay_hook_win64
[2013/09/22 19:09:13 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\uTorrent
[2012/12/07 02:07:33 | 000,000,000 | ---D | M] -- C:\Users\Dark\AppData\Roaming\YourFileDownloader
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
Extras log :
OTL Extras logfile created on: 22/09/13 23:21:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dark\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy
7.90 Gb Total Physical Memory | 6.24 Gb Available Physical Memory | 79.00% Memory free
15.79 Gb Paging File | 13.65 Gb Available in Paging File | 86.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 21.40 Gb Free Space | 17.96% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 779.85 Gb Free Space | 41.86% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 99.33 Gb Free Space | 5.33% Space Free | Partition Type: NTFS
Computer Name: CALLIOPE | User Name: Dark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to playlist] -- "D:\Utilities\Sonique\Sonique.exe" -appendonly "%1" (Terra Lycos)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to playlist] -- "D:\Utilities\Sonique\Sonique.exe" -appendonly "%1" (Terra Lycos)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01183C1E-B99C-4691-B1D1-5AA2FAB2A58B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{024060AB-5ABD-48AC-ABC1-6FA01F7B95B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{19966A70-6FC4-4069-9611-3F1CB87941B2}" = lport=137 | protocol=17 | dir=in | app=system |
"{2442FEFE-79BD-48DE-8F03-9008A012FB16}" = rport=137 | protocol=17 | dir=out | app=system |
"{459E4AF1-C0C1-4E05-A6B1-E7E542977C22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51237501-3C2F-42D8-A128-B64B08CFA314}" = rport=138 | protocol=17 | dir=out | app=system |
"{8723219A-7419-4206-88E7-29811B1E036E}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{983FA5BA-E9D7-467F-8CF9-022C05BA03BE}" = lport=138 | protocol=17 | dir=in | app=system |
"{B2DB8AC3-8CE6-4A3D-BCFD-2C2EEE71D0B8}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{BC61CB7E-AACF-421A-9C37-84FDFF720EDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D01DB71B-38B7-47EC-893F-7AA877FBFBC7}" = lport=139 | protocol=6 | dir=in | app=system |
"{E902358C-93A1-48C6-BF33-12DF9107740A}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{EAF0AEDB-78F4-4037-8A2F-0D316C918580}" = rport=445 | protocol=6 | dir=out | app=system |
"{F482D8A4-8518-4999-979D-E39DB1396E4B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD204FA9-B3E8-4489-990A-9D70AE9CF076}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E70A7F-EA24-48B2-9B57-4D61383D4C01}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{07491576-AE55-4C15-AA1D-BAA30BAE4B4B}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{079E48F9-4287-407B-A882-F803F9554EBA}" = protocol=6 | dir=in | app=d:\utilities\avg\avgmfapx.exe |
"{0E00026E-B9B4-49DA-A18C-0F0DD6A0C458}" = protocol=6 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{1417D425-8312-4896-A529-DF7E1E1E0DD3}" = protocol=6 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{18BDF5E5-BEE8-4876-8ACB-96006D7D34AC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{291687DF-5A5C-4176-A7FF-B99F03A67883}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2A338AEC-DB8B-47AB-BF1E-2B7590B39A5F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{2DA853AD-CAE8-41C0-B634-EBC4702B3885}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{31D12788-B91A-4627-9554-2631F9867385}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{32524892-1ACA-4994-8618-39637B3BF183}" = protocol=6 | dir=in | app=d:\games\civilization 4\civilization4.exe |
"{35078334-D927-40DC-8241-E96656F6FF0D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3E2CE41F-3897-4456-9F98-0CDD6BC9C7F4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{432D174A-3A62-43CD-8E85-6AC6A751FC74}" = protocol=1 | dir=out | [email protected],-28544 |
"{48C7A438-84BF-401B-9F81-C92991994D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{493A1C68-3A1E-4517-BF1B-407697E01E74}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\terraria\terraria.exe |
"{4BFC3876-2415-4FE0-96CA-E681ECECE8AB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4DEDCB7B-0DC2-40E5-B9AB-80D056B08955}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{505CA3D4-87D6-4678-83A3-1CB3B9EC7AFB}" = protocol=58 | dir=in | [email protected],-28545 |
"{602A3FC8-B336-4B6C-A945-D1E69EB96221}" = protocol=17 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{61F1BBA3-A75B-4773-8582-DF3BB197977F}" = protocol=58 | dir=out | [email protected],-28546 |
"{628D04FA-6F3F-40DF-8C34-2CDB19F5756A}" = protocol=58 | dir=in | app=system |
"{6385988B-E9CE-4184-B95A-11A82C188F70}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{6527DD49-EB22-4399-B839-71439F927389}" = protocol=1 | dir=in | [email protected],-28543 |
"{65D5CED6-88E3-4C34-B25A-2503582A7DB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{6FAA5EFC-3955-4097-AEB8-9EDF9E54F1B9}" = protocol=17 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{7073F015-E761-42D3-A13C-3AC7649F528D}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\silent hunter 3\sh3.exe |
"{72D5CEA5-01D0-4BDD-B244-C40EEDA303FF}" = protocol=6 | dir=in | app=d:\utilities\ventrilo\ventrilo.exe |
"{73D7CC6B-3217-43A9-B8AF-484ED070E589}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{788F7196-9E0B-4B2E-A746-C4E5DA3F953E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{7C71C224-BA99-4C7B-BFCF-76313F17CAE7}" = protocol=17 | dir=in | app=d:\utilities\ventrilo\ventrilo.exe |
"{7FE9F1E9-1573-44DB-BE25-98394914F590}" = protocol=6 | dir=in | app=d:\games\steam\steam.exe |
"{8E45D42B-B189-4322-8961-AF83C516D1AE}" = protocol=17 | dir=in | app=d:\games\steam\steam.exe |
"{911C0537-443C-4E98-A8D2-C930E73DD7F1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{91575EE0-55ED-4ACB-8FF9-F3055977AD3B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{94C02AA2-191B-490E-A310-41A6EFFC97BB}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{98285855-2D75-45CE-A5FD-32D5909BF7ED}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{9FE199F6-F9EB-427B-9B21-DFC15C0E720C}" = protocol=17 | dir=in | app=e:\games\battlefield 3\bf3.exe |
"{A8B1129D-D760-414C-B9E4-DA0289514455}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AB719D4F-F4D4-4019-A4B7-925BF3A2C63F}" = protocol=6 | dir=in | app=c:\users\dark\appdata\roaming\utorrent\utorrent.exe |
"{B0139305-B273-45BA-B1F1-BFC56F81912B}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\terraria\terraria.exe |
"{B1C49B03-7C53-4007-84A5-1C73B4849E60}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{B31A9F0C-DD81-49F8-BE01-902D200D03CD}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{B4924430-156E-4294-AAB9-C6B34D3CD287}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B589EBB4-9500-49FB-B352-66D2C0A744A6}" = protocol=6 | dir=in | app=c:\program files (x86)\end of nations alpha\rtsclientg.exe |
"{BC5998D0-3BF9-4069-9234-C6E87F21D35A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C0482181-84D6-4AE8-A088-5EF8FADB2743}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C5E9DE51-7E36-45BB-9879-E6594B3D7D15}" = protocol=17 | dir=in | app=c:\users\dark\appdata\roaming\utorrent\utorrent.exe |
"{C9183B56-A80E-4DA6-87BA-B9A4B6FFAD02}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{CB3BACC4-C9A5-4602-B3C6-5904C95B5B92}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\airmech\airmech.exe |
"{D5DEEF23-8D02-43A8-9F92-D7FB69F9F2B2}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{D6329C19-7BEE-411C-BD58-3DEA8AC67499}" = protocol=17 | dir=in | app=d:\utilities\avg\avgmfapx.exe |
"{DACF1B7B-5A53-4BAC-ADF0-48C8616387BD}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\airmech\airmech.exe |
"{E232C2A7-4B95-4AF3-A040-59172945F51A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E35892D2-CB80-43B6-B5F1-BA241FA27A0D}" = protocol=6 | dir=in | app=e:\games\battlefield 3\bf3.exe |
"{EADEFF52-6BA3-4792-AF55-2B7C3254D549}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\silent hunter 3\sh3.exe |
"{F014DC38-B0D7-47DC-9F66-E99DEB50C35F}" = protocol=17 | dir=in | app=c:\program files (x86)\end of nations alpha\rtsclientg.exe |
"{F2407BB2-45E1-4D8D-A4EA-0EDEDA251CEA}" = protocol=58 | dir=out | [email protected],-503 |
"{F54B495B-9925-414C-928B-671141CF8A38}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{F73DB617-520D-462A-8CE6-9C42AF4FFD70}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F7B1E8EC-AD8F-4FDA-9A05-F14E6319D00B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F81222C6-6636-43B6-B674-5731B895D5C5}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{F927034E-82DE-4880-A051-45FCB3AEB1CE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FFE4B9BC-4961-4922-AFBC-CFBA2D1A49CD}" = protocol=17 | dir=in | app=d:\games\civilization 4\civilization4.exe |
"TCP Query User{5CC251FD-DC36-4D4B-AA94-6327743BF5D2}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7EC1C162-E3AE-42B7-AB67-151322920EDD}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{91DFBA14-6035-4EDF-BDB5-97195D0BF2A5}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{BCD5E123-B4E9-4E72-8DE6-633479471201}D:\utility\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=d:\utility\xampp\mysql\bin\mysqld.exe |
"TCP Query User{C8DCF5FB-6066-497D-BAFA-11DC5BED1F83}D:\games\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=d:\games\star trek online\star trek online\live\gameclient.exe |
"TCP Query User{CD52FE97-A186-4519-9467-0983E0C8BA6B}E:\games\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=e:\games\diablo iii\diablo iii.exe |
"UDP Query User{003FAE54-6217-4ADB-A72A-ABA2737BB942}D:\utility\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=d:\utility\xampp\mysql\bin\mysqld.exe |
"UDP Query User{033B53DA-8D1D-4B45-B5AF-76C821FBCC23}E:\games\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=e:\games\diablo iii\diablo iii.exe |
"UDP Query User{0660E211-81C8-4DEE-8B5B-7DD00D11D43C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{083215DE-7052-4CB5-B89E-4498D4BA3B6F}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{81E1D8BB-E6FB-43B7-9CE3-1E054E487D89}D:\games\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=d:\games\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{83CBFC68-931B-431E-BEE6-D77FDB09D18E}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008C42A1-FB22-7DB4-618F-08E2C5059C0C}" = ccc-utility64
"{04573C2A-8756-E9F0-7878-C6029F6C7F25}" = AMD Drag and Drop Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit)
"{393D3B4C-1F95-CDD2-4F0A-395D99D5F553}" = AMD Accelerated Video Transcoding
"{4A6FE9F2-F6A2-452E-89C7-C24A9E2B804D}" = Panda Cloud Antivirus
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{53A19094-2C04-A9B9-7309-3E92152D4845}" = AMD Catalyst Install Manager
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6DB5331E-20A5-C1A7-E0E5-3A023C304389}" = AMD AVIVO64 Codecs
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{C0FFB192-3484-9AA0-7505-3A5B6688752F}" = AMD Media Foundation Decoders
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1B033E8-A077-4B0D-9831-5798E19E861E}" = Intel® Smart Connect Technology 2.0 x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"GIMP-2_is1" = GIMP 2.8.2
"HitmanPro37" = HitmanPro 3.7
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Nero 11 v11.2.4.100 (x64)11.2.4.100" = Nero 11 v11.2.4.100 (x64)
"Recuva" = Recuva
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1050A3D4-BC3B-4443-BD60-68C2BAE65EF4}" = CCC Help English
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1321BDD4-C5FC-BCFA-F281-7C66D5DE187F}" = CCC Help French
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1D6DF721-54B7-6AA4-2050-7E286CCE13E8}" = Catalyst Control Center
"{1EF73F13-8A60-7910-A59D-8F62A8BCD47D}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22E62B37-5D05-C5AD-F53E-691342495A45}" = CCC Help Spanish
"{23528772-43DB-1E20-E845-DB1CE00FBB10}" = CCC Help Danish
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}" = LEGO Racers 2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{476CD9DE-C45F-4443-BFA7-E51C58B7E455}" = Populous
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP MP3 Converter 4.3
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F32FD5A-6F9D-50FD-1896-0AEC107DE5D0}" = CCC Help Portuguese
"{60AAE030-8621-5187-F7CF-41A241698407}" = CCC Help Dutch
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{619DC4E1-DA11-48A1-4587-4E3E3D02D103}" = Catalyst Control Center Graphics Previews Common
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65A5E87D-7A3F-4819-807D-B86990D5F369}" = inSSIDer
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6F05E0AC-22D3-BE6E-05DD-623504F54FB2}" = CCC Help Chinese Standard
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7668B02B-DDDA-A67C-F86B-9D1061DD08CD}" = CCC Help Hungarian
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7BA420C3-3629-2AD6-19D0-0A6E27D6B782}" = CCC Help Thai
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play version 1.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EFA9357-75F9-EF3D-B7F9-BC913BA8DAC5}" = CCC Help Norwegian
"{90157C5D-D791-4D36-8C2B-7553DC01D601}" = ASUS VGA Driver
"{91DA5EBA-C240-289B-0AB4-6604CDE6A27F}" = CCC Help Czech
"{9711CA3C-614D-5B3B-E10F-062FD292075E}" = CCC Help Italian
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = REALTEK Wireless LAN Driver and Utility
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.4.0 "Legend"
"{9FCBD98D-F8B3-6ECC-5293-9C28817E3269}" = Catalyst Control Center InstallProxy
"{A0B1B905-88E8-CBBB-C936-0FFECD06BBDC}" = Catalyst Control Center Localization All
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AF749638-8C8C-84E8-DA4A-37D014824E33}" = CCC Help German
"{B0B4575E-EB62-1BDC-994A-A42ED7E8FF46}" = CCC Help Greek
"{B1504E18-0D34-1554-20FB-2BF6459D4683}" = CCC Help Russian
"{B90B9B89-2B62-B281-25C3-A59B189C249F}" = CCC Help Finnish
"{BA0F9EA0-1313-976B-4809-A5535AB8E207}" = HydraVision
"{BC4A54D6-6591-4D01-AE21-C9ABAAF69D7F}" = Microsoft Expression Encoder 4
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron version SRWare Iron 27.0.1500.0
"{C5ED3F69-3A6D-EA6E-EE57-342C0274FE5F}" = CCC Help Japanese
"{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}" = Firefall
"{DBD353DB-F37D-3CBB-65A7-0B3BA8634263}" = CCC Help Turkish
"{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}" = Command & Conquer™ Red Alert™ 3 Uprising
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E786AE85-8A30-4CF2-BF70-57404A5CD684}" = Windows Phone app for desktop
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE6EBBD2-C278-5F48-B021-C9314ABE7593}" = CCC Help Korean
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5C1211F-8F5E-B4BE-8046-3BB6B7944BA0}" = CCC Help Polish
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9EC30D1-F688-4708-9850-CB5120074AAA}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{FA115E3B-1A2D-F0F1-52CE-99D1BD346C08}" = CCC Help Chinese Traditional
"{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}" = MySQL Tools for 5.0
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Battlelog Web Plugins" = Battlelog Web Plugins
"Diablo III" = Diablo III
"Encoder_4.0.3205.0" = Microsoft Expression Encoder 4
"End of Nations Alpha" = End of Nations Alpha
"ESN Sonar-0.70.4" = ESN Sonar
"ffdshow_is1" = ffdshow v1.2.4453 [2012-05-21]
"Freemake Video Downloader_is1" = Freemake Video Downloader
"HeidiSQL_is1" = HeidiSQL 8.0.0.4396
"League of Legends 3.0.1" = League of Legends
"LEGO Racers" = LEGO Racers
"MakeMKV" = MakeMKV v1.8.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sniper Elite V2_is1" = Sniper Elite V2
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Sonique15" = Sonique
"SpywareBlaster_is1" = SpywareBlaster 5.0
"SQLRestore" = SQLRestore
"Star Trek Online" = Star Trek Online
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 15210" = Silent Hunter III
"Steam App 201310" = X3: Albion Prelude
"Steam App 206500" = AirMech
"Steam App 2820" = X3: Terran Conflict
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.8
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.2
"World of Warcraft" = World of Warcraft
"xampp" = XAMPP
"XCC Utilities" = XCC Utilities 1.47
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Google Chrome" = Google Chrome
"RIFT" = RIFT
"RockMelt" = RockMelt
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05/08/13 16:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 17:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 18:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 19:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 20:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 21:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 22:17:19 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 05/08/13 23:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 06/08/13 0:17:18 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
Error - 06/08/13 1:17:19 | Computer Name = Calliope | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Windows Driver Foundation - User-mode Driver Framework service
terminated unexpectedly. It has done this 1 time(s). The following corrective
action will be taken in 120000 milliseconds: Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The COM+ Event System service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7034
Description = The Function Discovery Provider Host service terminated unexpectedly.
It has done this 1 time(s).
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Network List Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 100 milliseconds:
Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Network Store Interface Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7034
Description = The Diagnostic Service Host service terminated unexpectedly. It has
done this 1 time(s).
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Cryptographic Services service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The DNS Client service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.
Error - 08/07/13 18:12:56 | Computer Name = Calliope | Source = Service Control Manager | ID = 7031
Description = The Workstation service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 08/07/13 18:14:12 | Computer Name = Calliope | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:12:46 AM on ?7/?9/?2013 was unexpected.
< End of report >
Edited by RupturedHope, 23 September 2013 - 02:07 AM.