
CPU shoots up to 100% when viewing picture/video thumbnails in folder



#1
faburizu

Hi --

My computer has this problem where about 99% of the time you're viewing image or video thumbnails in a folder, it shoots explorer.exe up to 100% and the computer runs extremely slow until I force shut down explorer.exe and re-run the process. I've googled and googled and can't find anything that has to do specifically with viewing thumbnails.

I don't know if this counts for anything but I also haven't been able to ctrl+alt+del by keyboard, I have to manually right-click the taskbar and select "task manager."

I managed to run OTL while the CPU was at 100%, if that should help.
(And it made the scan take several hours).

Thanks in advance for any help! :)

OTL logfile created on: 11/12/2013 4:57:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kyuubei\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.00 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 59.94% Memory free
8.00 Gb Paging File | 5.32 Gb Available in Paging File | 66.51% Paging File free
Paging file location(s): c:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.31 Gb Total Space | 53.43 Gb Free Space | 28.68% Space Free | Partition Type: NTFS
Drive D: | 465.66 Gb Total Space | 81.19 Gb Free Space | 17.44% Space Free | Partition Type: NTFS

Computer Name: MEGUCA | User Name: Kyuubei | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 16:53:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kyuubei\Downloads\OTL.exe
PRC - [2013/10/16 06:29:29 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/04/07 23:18:50 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013/03/06 12:12:26 | 000,189,440 | ---- | M] () -- C:\Program Files (x86)\Last.fm\iPodScrobbler.exe
PRC - [2013/03/06 12:12:24 | 001,752,576 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/23 19:43:48 | 003,477,640 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2012/03/14 07:35:02 | 000,056,832 | ---- | M] (Mike Edward Moras (e-sushi™)) -- C:\Program Files (x86)\MiniBin\minibin.exe
PRC - [2009/10/29 00:07:00 | 000,077,824 | ---- | M] (Edgemeal) -- C:\CUITX4\CUITX4.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/06 12:12:26 | 000,189,440 | ---- | M] () -- C:\Program Files (x86)\Last.fm\iPodScrobbler.exe
MOD - [2013/03/06 12:11:54 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Last.fm\listener.dll
MOD - [2013/03/06 12:11:50 | 000,757,248 | ---- | M] () -- C:\Program Files (x86)\Last.fm\unicorn.dll
MOD - [2013/03/06 12:11:24 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\logger.dll
MOD - [2013/03/05 12:25:40 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm.dll
MOD - [2013/01/18 10:49:56 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
MOD - [2013/01/18 10:39:50 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\phonon.dll
MOD - [2012/12/12 23:13:36 | 002,286,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlccore.dll
MOD - [2012/12/12 23:13:32 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012/12/12 23:12:58 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlc.dll
MOD - [2012/03/22 05:07:18 | 000,469,880 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/14 06:13:48 | 001,437,184 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2011/09/14 06:13:04 | 002,128,384 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/28 21:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/03/28 20:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2012/07/11 13:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 20:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/06/26 14:56:50 | 000,119,296 | ---- | M] (WDC) [Disabled | Stopped] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2013/10/25 20:10:01 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/10/25 20:09:57 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/21 15:25:26 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/23 21:30:22 | 000,088,424 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- D:\Perfect World\ArcService.exe -- (ArcService)
SRV - [2013/03/17 19:46:52 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Disabled | Stopped] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012/05/18 13:57:46 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/16 14:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/07/13 20:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/25 20:09:57 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/05/15 09:12:06 | 000,039,104 | ---- | M] (Spotflux, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapSF0901.sys -- (tapSF0901)
DRV:64bit: - [2013/03/28 21:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/03/28 20:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/02/14 06:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/12/15 20:37:40 | 000,337,544 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/12/15 20:37:37 | 000,148,576 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/13 14:30:36 | 000,025,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PerformanceTest\DirectIo64.sys -- (DIRECTIO)
DRV:64bit: - [2012/04/18 22:57:38 | 000,126,912 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/03/19 15:12:38 | 001,454,896 | ---- | M] (ShiningMorning Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vasdDev.sys -- (VASDeviceDrm)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/28 00:26:10 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2011/12/20 23:32:42 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/09/16 14:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 14:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/01 12:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/01 14:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/05/25 21:43:49 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 B5 FF 77 BB E3 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {89BB4A33-92FF-4405-A089-B3222EC6DDDF}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{89BB4A33-92FF-4405-A089-B3222EC6DDDF}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-05-04 18:02:45&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: crossriderapp3491%40crossrider.com:0.88.83
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: D:\Perfect World\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/22 20:11:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013/09/05 12:52:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Instantbird 1.1\extensions\\Components: C:\Program Files (x86)\Instantbird\components [2013/06/05 20:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Instantbird 1.1\extensions\\Plugins: C:\Program Files (x86)\Instantbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/01 09:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/01 09:24:22 | 000,000,000 | ---D | M]

[2012/06/06 19:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Extensions
[2012/08/08 15:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\extensions
[2012/08/08 15:26:16 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013/03/17 19:44:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\extensions
[2013/03/17 19:44:41 | 000,000,000 | ---D | M] ("Vid-Saver") -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\extensions\[email protected]
[2013/03/17 19:44:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\extensions\[email protected]\chrome\content\extensionCode
[2012/12/15 20:33:03 | 000,164,324 | ---- | M] () (No name found) -- C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\extensions\[email protected]
[2013/03/17 19:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/17 19:46:53 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/08/02 19:48:41 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2013/08/02 19:48:47 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/03/17 19:46:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/17 19:46:35 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Disabled) = C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Disabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Disabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Happy Cloud Plugin (Enabled) = C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Raidcall plugin (Disabled) = C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: ArcPlugin (Enabled) = D:\Perfect World\Plugins\npArcPluginFF.dll
CHR - Extension: TrollMe = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdlgapkhlaheocidecfojekgklboeeg\1.1_0\
CHR - Extension: rilakkuma-kun = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbihbfhiceobhannkbbdpjjiiepnnap\1_0\
CHR - Extension: 4chan Image Browser = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdefnakeacdpebpjdpelgdjhehbglok\1.2_0\
CHR - Extension: Missing e = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.25_0\
CHR - Extension: YouTube = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Minimalist for Everything = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.6.8_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: Google Search = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.66_0\
CHR - Extension: Adobe Acrobat - Create PDF = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\
CHR - Extension: Genius Box = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\engepbdmoplfpledpbjkagliinaiahch\1.0.2_0\
CHR - Extension: 4Chan Viewer = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoldfiljlhnghpnaghjihgnhiiebfbdl\1.2.3_0\
CHR - Extension: Stylish = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0\
CHR - Extension: XKit = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd\7.2.3_0\
CHR - Extension: AdBlock = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: Auto Replay for YouTube = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0\
CHR - Extension: Unfriend Finder = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0\
CHR - Extension: Babblr = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkocmgaoibklfmejhklahodlookklfjk\1.4.97_0\
CHR - Extension: Image Search Options = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl\0.0.7.3_0\
CHR - Extension: TumTaster = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm\0.4.10_0\
CHR - Extension: ChromeReload = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo\0.9.3_0\
CHR - Extension: Google Wallet = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Reader = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: Gmail = C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/02/08 18:24:56 | 000,003,850 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 65 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (Genius Box) - {709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} - C:\Program Files (x86)\TGF Interactive\Genius Box\TGFInteractive.dll (TGF Interactive)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Perfect World\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [MiniBin] C:\Program Files (x86)\MiniBin\minibin.exe (Mike Edward Moras (e-sushi™))
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files (x86)\ATLAS V14\atlscript.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23A57C4F-1E31-4788-8063-977E7D6B2203}: DhcpNameServer = 44.0.0.253 44.0.0.3 44.0.0.4 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCCE51CC-2ACE-4725-BD44-929A4CF4ACFB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O27 - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/09 18:29:19 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{a29c8614-a95b-11e2-8090-000272abf674}\Shell - "" = AutoRun
O33 - MountPoints2\{a29c8614-a95b-11e2-8090-000272abf674}\Shell\AutoRun\command - "" = O:\LaunchU3.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\FalloutLauncher.exe
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\_aom.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Setup.exe
O33 - MountPoints2\N\Shell\setup\command - "" = N:\setup.exe
O33 - MountPoints2\O\Shell - "" = AutoRun
O33 - MountPoints2\O\Shell\AutoRun\command - "" = O:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/22 20:26:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2013/10/22 20:26:17 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2013/10/22 20:26:09 | 000,081,824 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2013/10/22 20:26:09 | 000,013,728 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys
[2013/10/15 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\Kyuubei\AppData\Local\Macroplant_LLC
[2013/10/15 21:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
[2013/10/15 21:07:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iExplorer
[7 C:\Users\Kyuubei\Documents\*.tmp files -> C:\Users\Kyuubei\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Users\Kyuubei\Desktop\*.tmp files -> C:\Users\Kyuubei\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\SysNative\
[2013/11/12 16:09:11 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA.job
[2013/11/12 11:25:20 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 11:25:20 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/11 22:09:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core.job
[2013/11/10 21:54:35 | 004,627,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/10 21:54:35 | 000,738,006 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/11/10 21:54:35 | 000,717,230 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013/11/10 21:54:35 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/10 21:54:35 | 000,422,082 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013/11/10 21:54:35 | 000,418,618 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/10 21:54:35 | 000,394,914 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/11/10 21:54:35 | 000,377,812 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013/11/10 21:54:35 | 000,158,056 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/11/10 21:54:35 | 000,150,212 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013/11/10 21:54:35 | 000,122,052 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/10 21:54:35 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/10 21:54:35 | 000,120,214 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013/11/10 21:54:35 | 000,119,786 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013/11/10 21:54:35 | 000,114,872 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/11/07 22:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/25 20:09:57 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/10/25 20:09:57 | 000,092,488 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/10/25 20:09:57 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/10/21 20:09:56 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll.000.bak
[2013/10/19 09:08:19 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/19 09:08:18 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/19 09:05:05 | 000,000,132 | ---- | M] () -- C:\Users\Kyuubei\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/10/16 02:01:00 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[7 C:\Users\Kyuubei\Documents\*.tmp files -> C:\Users\Kyuubei\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Users\Kyuubei\Desktop\*.tmp files -> C:\Users\Kyuubei\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Windows\SysNative\
[2013/09/05 12:45:02 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
[2013/06/05 20:01:52 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2013/05/23 17:27:58 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2013/05/23 17:27:57 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2013/05/23 17:27:57 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2013/05/23 17:19:45 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2013/05/23 17:19:45 | 000,758,272 | ---- | C] () -- C:\Windows\SysWow64\RGSS104E.dll
[2013/05/23 17:19:44 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2013/05/23 17:19:44 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2013/05/23 17:19:44 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\RGSS104J.dll
[2013/05/23 17:19:44 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2013/03/28 21:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 21:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/25 22:36:23 | 000,000,132 | ---- | C] () -- C:\Users\Kyuubei\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/03/17 20:26:19 | 000,001,783 | ---- | C] () -- C:\Users\Kyuubei\iTunes.lnk
[2012/12/14 16:55:53 | 000,007,626 | ---- | C] () -- C:\Users\Kyuubei\AppData\Local\Resmon.ResmonCfg
[2012/11/29 15:58:54 | 000,000,256 | -H-- | C] () -- C:\Windows\SysWow64\FJLTAFOU.BIN
[2012/11/29 15:58:53 | 000,000,256 | -H-- | C] () -- C:\Windows\SysWow64\LTAW14FN.BIN
[2012/11/27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/09/06 14:44:00 | 000,008,704 | ---- | C] () -- C:\Users\Kyuubei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/14 21:02:07 | 000,173,809 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2012/08/14 21:02:07 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2012/05/24 13:12:23 | 000,001,456 | ---- | C] () -- C:\Users\Kyuubei\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/05/21 15:39:03 | 000,000,132 | ---- | C] () -- C:\Users\Kyuubei\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/27 20:18:35 | 000,001,456 | ---- | C] () -- C:\Users\Kyuubei\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/03/08 23:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/03/08 23:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/02/12 01:56:39 | 000,000,132 | ---- | C] () -- C:\Users\Kyuubei\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/05 16:16:40 | 000,173,837 | ---- | C] () -- C:\Windows\hpoins43.dat
[2012/02/05 16:16:40 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2012/02/05 02:14:46 | 000,198,364 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/04 23:29:01 | 004,564,674 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/04 23:25:20 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/02/04 23:25:20 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/02/04 23:25:19 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/02/04 23:25:19 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/04 23:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2013/04/07 21:26:33 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}\L
[2013/08/15 05:15:31 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}\U
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/06/27 09:04:19 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\.spotflux
[2012/02/04 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\acccore
[2013/05/26 17:39:59 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Arc
[2012/06/17 18:23:57 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Atari
[2013/07/19 23:13:57 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Audacity
[2012/04/09 18:32:27 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Autodesk
[2013/07/28 20:50:59 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Azureus
[2013/04/04 21:17:47 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Babylon
[2012/02/06 18:15:22 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\calibre
[2012/05/03 18:30:28 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Catalina Marketing Corp
[2012/05/28 02:30:21 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\cYo
[2013/07/27 21:05:48 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\DVDVideoSoft
[2012/07/12 01:43:39 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\FastCopy
[2012/02/06 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\FileZilla
[2013/09/05 12:45:30 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Foxit Software
[2012/11/29 16:31:57 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Fujitsu
[2013/04/04 21:17:45 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Greenshot
[2012/05/01 22:21:54 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\HD Tune Pro
[2013/01/25 17:02:42 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\iFunbox_UserCache
[2012/05/07 06:57:06 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\ImgBurn
[2012/06/06 19:51:31 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Instantbird
[2012/06/13 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\JAM Software
[2013/05/20 02:46:09 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\LolClient
[2012/03/29 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\ManyCam
[2013/07/21 14:00:37 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Notepad++
[2013/07/27 21:04:19 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\OpenCandy
[2012/02/06 20:27:04 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Opera
[2013/06/05 20:01:52 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\PACE Anti-Piracy
[2013/09/05 13:00:48 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\PDAppFlex
[2012/02/04 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\pdfforge
[2012/05/06 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\PowerISO
[2013/05/22 01:52:36 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\raidcall
[2013/05/18 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\redsn0w
[2013/05/09 20:53:23 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Riot Games
[2012/03/11 21:10:21 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Screaming Bee
[2012/07/09 13:32:28 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Spotify
[2012/05/24 13:16:27 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/02/24 13:58:10 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\StepMania 5
[2012/04/04 03:41:07 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\SYSTEMAX Software Development
[2013/05/25 14:43:21 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\SystemRequirementsLab
[2012/08/12 00:07:46 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\transmission
[2013/11/12 17:51:59 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\uTorrent
[2012/12/11 18:23:49 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Wacom
[2012/08/16 16:49:24 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\WhatPulse
[2013/09/20 18:35:53 | 000,000,000 | ---D | M] -- C:\Users\Kyuubei\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1221 bytes -> C:\ProgramData\Microsoft:MTSUEwYG5vHW0APX
@Alternate Data Stream - 1107 bytes -> C:\Program Files\Common Files\Microsoft Shared:9fV6Jdo1zAZkvqGbKCt
@Alternate Data Stream - 1031 bytes -> C:\ProgramData\Microsoft:4cMMbtAxrc5F3tLq
@Alternate Data Stream - 1011 bytes -> C:\ProgramData\Microsoft:mdk9Lf2I6JbWjYjHrqnzk

< End of report >

#2
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, ComboFix is still at work.

A file will be created at => C:\Combofix\Combofix.txt. I'll need to see that in your reply.

As this is a Zero Access infection you may not get a log after the first run. If you do not get a log then run ComboFix a second time.

If you get an error about a registry key scheduled for deletion then just reboot and that should fix it.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


#3
faburizu

    Member

  • Topic Starter
  • Member
  • 35 posts
Let me start by saying thank you for the speedy reply!

I also wanted to add that I noticed some suspicious files on my desktop, such as some Word documents dated as 2053, faded with the $~ symbols, and titled things like "RESUME" and "CELL LAB REPORT" and finally Desktop.ini (which I see in the scan under ZeroAccess, so maybe that's related). However, after the ComboFix scan, they're gone; not sure if they only show up periodically or anything.



COMBOFIX LOG:

ComboFix 13-11-12.01 - Kyuubei 3/2013 Wed 18:41:13.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.7167.4918 [GMT -5:00]
Running from: c:\users\Kyuubei\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kyuubei\AppData\Local\Vid-Saver
c:\users\Kyuubei\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
c:\users\Kyuubei\AppData\Local\WideSearch
c:\users\Kyuubei\AppData\Local\WideSearch\unins000.dat
c:\users\Kyuubei\AppData\Roaming\mIRC\logs\status.log
c:\users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\extensions\[email protected]
c:\users\Kyuubei\Documents\~WRL0212.tmp
c:\users\Kyuubei\Documents\~WRL1133.tmp
c:\users\Kyuubei\Documents\~WRL2642.tmp
c:\users\Kyuubei\Documents\~WRL2645.tmp
c:\users\Kyuubei\Documents\~WRL3611.tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2013-10-13 to 2013-11-13 )))))))))))))))))))))))))))))))
.
.
2013-11-13 23:57 . 2013-11-13 23:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-13 03:32 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D6A64B1-93C4-4F46-89AE-5B46ACF4BEB8}\mpengine.dll
2013-11-12 03:33 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-06 13:10 . 2013-10-18 07:30 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8AE37959-56AF-42AC-90F9-E09F07C2F7F8}\gapaengine.dll
2013-10-23 01:26 . 2012-11-15 13:41 15776 ----a-w- c:\windows\system32\drivers\wacomrouterfilter.sys
2013-10-23 01:26 . 2012-12-03 20:36 81824 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
2013-10-23 01:26 . 2012-12-03 20:36 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2013-10-19 14:41 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-19 14:41 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-19 14:41 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-19 14:41 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-19 14:41 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-19 14:41 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-19 14:41 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-16 02:07 . 2013-10-16 02:07 -------- d-----w- c:\users\Kyuubei\AppData\Local\Macroplant_LLC
2013-10-16 02:07 . 2013-10-16 02:07 -------- d-----w- c:\program files (x86)\iExplorer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-26 01:09 . 2012-02-05 05:07 35656 ----a-w- c:\windows\system32\LMIport.dll
2013-10-26 01:09 . 2012-02-05 05:07 107368 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2013-10-26 01:09 . 2012-02-05 05:07 92488 ----a-w- c:\windows\system32\LMIinit.dll
2013-10-22 01:09 . 2012-02-05 05:07 107368 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2013-10-18 07:30 . 2013-08-22 18:10 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-11 07:06 . 2012-02-05 02:43 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-22 23:28 . 2013-10-11 07:20 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-11 07:20 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-11 07:20 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-11 07:20 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-11 07:20 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-11 07:20 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-11 07:20 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-11 07:20 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-11 07:20 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-11 07:20 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-11 07:20 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-11 07:20 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-11 07:20 526336 ----a-w- c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-11 07:20 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-11 07:20 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-11 07:20 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-11 07:20 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-11 07:20 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-11 07:20 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-11 07:20 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-11 07:20 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-11 07:20 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-10 20:01 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-10 20:01 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 20:01 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 20:01 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-08-29 02:17 . 2013-10-10 20:01 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 20:00 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 20:00 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 20:00 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 20:01 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 20:00 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 20:00 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 20:00 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 20:00 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 20:00 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 20:00 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 20:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-10 20:00 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 20:00 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 20:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 20:00 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 20:01 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 20:00 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{709F3BE5-C718-4B6D-843C-95E8BE0E5E4A}]
2012-09-21 21:11 42944 ----a-w- c:\program files (x86)\TGF Interactive\Genius Box\TGFInteractive.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MiniBin"="c:\program files (x86)\MiniBin\minibin.exe" [2012-03-14 56832]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-08 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-09-24 3477640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CUITX4.exe - Shortcut.lnk - c:\cuitx4\CUITX4.exe [2012-5-30 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 dzgbzkbn;dzgbzkbn;c:\windows\system32\drivers\dzgbzkbn.sys;c:\windows\SYSNATIVE\drivers\dzgbzkbn.sys [x]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;d:\perfect world\ArcService.exe;d:\perfect world\ArcService.exe [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 tapSF0901;Spotflux Virtual Network Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys;c:\windows\SYSNATIVE\DRIVERS\tapSF0901.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 20:25]
.
2012-10-29 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-03-04 23:32]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 01:50]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 01:50]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core.job
- c:\users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-05 06:15]
.
2013-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA.job
- c:\users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-05 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:2e,73,0b,7d,97,e2,7d,9e,82,b0,fe,05,bf,f1,ac,7a,88,ac,62,0e,2b,
fc,30,61,86,5c,53,45,20,00,0c,81,e6,34,34,2b,95,f8,f3,bb,bd,ea,3b,6f,36,b7,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:2e,73,0b,7d,97,e2,7d,9e,82,b0,fe,05,bf,f1,ac,7a,88,ac,62,0e,2b,
fc,30,61,86,5c,53,45,20,00,0c,81,e6,34,34,2b,95,f8,f3,bb,bd,ea,3b,6f,36,b7,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-11-13 19:11:50
ComboFix-quarantined-files.txt 2013-11-14 00:11
.
Pre-Run: 56,960,638,976 bytes free
Post-Run: 56,792,485,888 bytes free
.
- - End Of File - - 70B1212DA6AB16DE8624D5E326F57AC1
A36C5E4F47E84449FF07ED3517B43A31



FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Kyuubei (administrator) on MEGUCA on 13-11-2013 19:17:03
Running from C:\Users\Kyuubei\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Mike Edward Moras (e-sushi™)) C:\Program Files (x86)\MiniBin\minibin.exe
(Edgemeal) C:\CUITX4\CUITX4.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKCU\...\Run: [MiniBin] - C:\Program Files (x86)\MiniBin\minibin.exe [56832 2012-03-14] (Mike Edward Moras (e-sushi™))
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2013-04-07] (BitTorrent, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
IMEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10B5FF77BBE3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {89BB4A33-92FF-4405-A089-B3222EC6DDDF} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {89BB4A33-92FF-4405-A089-B3222EC6DDDF} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...sa&d=2012-05-04 18:02:45&v=11.0.0.9&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
BHO-x32: Genius Box - {709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} - C:\Program Files (x86)\TGF Interactive\Genius Box\TGFInteractive.dll (TGF Interactive)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Perfect World\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKLM-x32 - ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Perfect World\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: geniusbox - C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\Extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

Chrome:
=======
CHR HomePage: hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ch
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
CHR Plugin: (Unity Player) - C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Raidcall plugin) - C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (ArcPlugin) - D:\Perfect World\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
CHR Extension: (TrollMe) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdlgapkhlaheocidecfojekgklboeeg\1.1_0
CHR Extension: (rilakkuma-kun) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbihbfhiceobhannkbbdpjjiiepnnap\1_0
CHR Extension: (4chan Image Browser) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdefnakeacdpebpjdpelgdjhehbglok\1.2_0
CHR Extension: (Missing e) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.26_0
CHR Extension: (YouTube) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Minimalist for Everything) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.6.8_0
CHR Extension: (Add to Amazon Wish List) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0
CHR Extension: (Google Search) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Tampermonkey) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.66_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0
CHR Extension: (Genius Box) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\engepbdmoplfpledpbjkagliinaiahch\1.0.2_0
CHR Extension: (4Chan Viewer) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoldfiljlhnghpnaghjihgnhiiebfbdl\1.2.3_0
CHR Extension: (Stylish) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (XKit) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd\7.2.3_0
CHR Extension: (AdBlock) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Unfriend Finder) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0
CHR Extension: (Babblr) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkocmgaoibklfmejhklahodlookklfjk\1.4.97_0
CHR Extension: (Image Search Options) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl\0.0.7.3_0
CHR Extension: (TumTaster) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm\0.4.10_0
CHR Extension: (ChromeReload) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo\0.9.3_0
CHR Extension: (Google Wallet) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Google Reader) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0
CHR Extension: (Gmail) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [engepbdmoplfpledpbjkagliinaiahch] - C:\Program Files (x86)\TGF Interactive\Genius Box\GeniusBox.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kyuubei\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\Kyuubei\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-11] (Adobe Systems)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
S3 ArcService; D:\Perfect World\ArcService.exe [88424 2013-05-23] (Perfect World Entertainment Inc)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-10-25] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-10-25] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S4 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S4 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2009-06-26] (WDC)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-25] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2011-12-20] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-28] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-05-15] (Spotflux, Inc.)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2012-03-19] (ShiningMorning Inc.)
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 dzgbzkbn; \??\C:\Windows\system32\drivers\dzgbzkbn.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

Error(0) reading file: "C:\Windows\system32\ "
2013-11-13 19:17 - 2013-11-13 19:19 - 00026387 _____ C:\Users\Kyuubei\Downloads\FRST.txt
2013-11-13 19:16 - 2013-11-13 19:16 - 01957794 _____ (Farbar) C:\Users\Kyuubei\Downloads\FRST64.exe
2013-11-13 19:16 - 2013-11-13 19:16 - 00000000 ____D C:\FRST
2013-11-13 19:12 - 2013-11-13 19:12 - 00031979 _____ C:\ComboFix.txt
2013-11-13 18:39 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-13 18:39 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-13 18:39 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-13 18:38 - 2013-11-13 19:12 - 00000000 ____D C:\Qoobox
2013-11-13 18:38 - 2013-11-13 19:08 - 00000000 ____D C:\Windows\erdnt
2013-11-13 18:31 - 2013-11-13 18:31 - 05147957 ____R (Swearware) C:\Users\Kyuubei\Downloads\ComboFix.exe
2013-11-12 20:07 - 2013-11-12 20:07 - 00010298 _____ C:\Users\Kyuubei\Downloads\Lady Gaga - ARTPOP - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-11-12 18:50 - 2013-11-12 18:50 - 00071290 _____ C:\Users\Kyuubei\Downloads\Extras.Txt
2013-11-12 17:55 - 2013-11-12 17:55 - 00124708 _____ C:\Users\Kyuubei\Downloads\OTL.Txt
2013-11-12 16:53 - 2013-11-12 16:53 - 00602112 _____ (OldTimer Tools) C:\Users\Kyuubei\Downloads\OTL.exe
2013-11-12 11:57 - 2013-11-12 23:43 - 00001025 _____ C:\Users\Kyuubei\Desktop\IMPORTANT INFO.txt
2013-11-12 00:50 - 2013-11-12 00:50 - 00233808 _____ C:\Users\Kyuubei\Downloads\CrucialScan.exe
2013-11-12 00:19 - 2013-11-12 00:20 - 38309906 _____ C:\Users\Kyuubei\Downloads\Phoenix Wright - Ace Attorney.zip
2013-11-11 14:23 - 2013-11-11 14:23 - 31666373 _____ C:\Users\Kyuubei\Downloads\635.PBP
2013-11-11 14:22 - 2013-11-11 14:22 - 01320276 _____ C:\Users\Kyuubei\Downloads\Downgrader.zip
2013-11-11 14:13 - 2013-11-11 14:14 - 27538810 _____ C:\Users\Kyuubei\Downloads\PSP_550_FW_UPDATE.RAR
2013-11-11 14:09 - 2013-11-11 14:09 - 00924536 _____ C:\Users\Kyuubei\Downloads\xgen-v5-5-50gen-d3-release.zip
2013-11-11 14:05 - 2013-11-11 14:05 - 00000201 _____ C:\Users\Kyuubei\Downloads\127604_cfw550gend3final.rar
2013-11-11 14:03 - 2013-11-11 14:03 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT (1).PBP
2013-11-11 13:58 - 2013-11-11 13:58 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT.PBP
2013-11-11 13:56 - 2013-11-11 13:56 - 00787749 _____ C:\Users\Kyuubei\Downloads\6.60 LME-1.8.zip
2013-11-11 13:53 - 2013-11-11 13:53 - 00484885 _____ C:\Users\Kyuubei\Downloads\6.60 ME-1.8.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 28355979 _____ C:\Users\Kyuubei\Downloads\27812_xgeninstallerfor550genc_1255909988.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 27046464 _____ C:\Users\Kyuubei\Downloads\PSPFirmware5.03Update.zip
2013-11-11 13:47 - 2013-11-11 13:47 - 00193605 _____ C:\Users\Kyuubei\Downloads\ChickHENR2.rar
2013-11-11 13:26 - 2013-11-11 13:32 - 529707818 _____ C:\Users\Kyuubei\Downloads\Valkyrie_Profile_Lenneth_USA_PSP-ARTiSAN.rar
2013-11-11 13:16 - 2013-11-11 13:16 - 01072809 _____ C:\Users\Kyuubei\Downloads\660PRO-C2.rar
2013-11-10 21:58 - 2013-11-10 21:59 - 54861450 _____ C:\Users\Kyuubei\Downloads\Radiant Historia.zip
2013-11-10 21:53 - 2013-11-10 21:53 - 28243959 _____ C:\Users\Kyuubei\Downloads\Harvest Moon DS.zip
2013-11-10 21:18 - 2013-11-10 21:21 - 75282450 _____ C:\Users\Kyuubei\Downloads\World Ends With You, The.zip
2013-11-09 22:52 - 2013-11-09 22:52 - 03698590 _____ C:\Users\Kyuubei\Downloads\heretic_mansion_v1_2.zip
2013-11-03 17:27 - 2013-11-03 17:33 - 536010902 _____ C:\Users\Kyuubei\Downloads\jane_eyre_ver03_0809_librivox_64kb_mp3.zip
2013-10-27 22:56 - 2013-10-27 22:56 - 00019163 _____ C:\Users\Kyuubei\Downloads\Katy Perry - Prism - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-27 22:56 - 2013-10-27 22:56 - 00015345 _____ C:\Users\Kyuubei\Downloads\Placebo - Loud Like Love - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-23 06:42 - 2013-10-23 06:44 - 197730583 _____ C:\Users\Kyuubei\Downloads\JaneEyre-48kb-Part1.m4b
2013-10-22 20:26 - 2012-12-03 15:36 - 00081824 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2013-10-22 20:26 - 2012-12-03 15:36 - 00013728 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2013-10-22 20:26 - 2012-11-15 08:41 - 00015776 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2013-10-22 20:25 - 2013-10-22 20:25 - 38455200 _____ C:\Users\Kyuubei\Downloads\PenTablet_532-1.exe
2013-10-20 21:14 - 2013-10-22 20:26 - 00001542 _____ C:\Users\Kyuubei\Documents\userinfo.txt
2013-10-19 09:41 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-19 09:05 - 2013-10-25 09:58 - 00000579 _____ C:\Users\Kyuubei\Documents\dsfvdsfsdf.txt
2013-10-19 09:05 - 2013-10-19 09:05 - 00000065 _____ C:\Users\Kyuubei\Documents\dfdsaf.txt
2013-10-17 08:27 - 2013-10-19 09:05 - 00010123 _____ C:\Users\Kyuubei\Documents\TAROT DAILY MASTER'.xlsx
2013-10-16 20:52 - 2013-10-16 20:52 - 00058910 _____ C:\Users\Kyuubei\Downloads\Sound Horizon.torrent
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Macroplant_LLC
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Program Files (x86)\iExplorer
2013-10-15 21:06 - 2013-10-15 21:07 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242 (1).exe
2013-10-15 21:06 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242.exe
2013-10-14 23:01 - 2013-10-14 23:02 - 07020387 _____ C:\Users\Kyuubei\Downloads\DrawSomethingFree_v1.1.18.apk
2013-10-14 23:00 - 2013-10-14 23:00 - 01680752 _____ C:\Users\Kyuubei\Downloads\Draw Something - FULL - Premium - Android APK.exe

==================== One Month Modified Files and Folders =======

2013-11-13 19:19 - 2013-11-13 19:17 - 00026387 _____ C:\Users\Kyuubei\Downloads\FRST.txt
2013-11-13 19:16 - 2013-11-13 19:16 - 01957794 _____ (Farbar) C:\Users\Kyuubei\Downloads\FRST64.exe
2013-11-13 19:16 - 2013-11-13 19:16 - 00000000 ____D C:\FRST
2013-11-13 19:12 - 2013-11-13 19:12 - 00031979 _____ C:\ComboFix.txt
2013-11-13 19:12 - 2013-11-13 18:38 - 00000000 ____D C:\Qoobox
2013-11-13 19:12 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2013-11-13 19:10 - 2012-02-05 00:03 - 01825135 _____ C:\Windows\WindowsUpdate.log
2013-11-13 19:09 - 2012-02-04 23:23 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA.job
2013-11-13 19:08 - 2013-11-13 18:38 - 00000000 ____D C:\Windows\erdnt
2013-11-13 18:58 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2013-11-13 18:37 - 2012-02-04 23:41 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\uTorrent
2013-11-13 18:36 - 2012-08-01 12:31 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\Skype
2013-11-13 18:36 - 2012-02-05 02:53 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Last.fm
2013-11-13 18:31 - 2013-11-13 18:31 - 05147957 ____R (Swearware) C:\Users\Kyuubei\Downloads\ComboFix.exe
2013-11-13 18:31 - 2012-02-05 00:07 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-12 23:43 - 2013-11-12 11:57 - 00001025 _____ C:\Users\Kyuubei\Desktop\IMPORTANT INFO.txt
2013-11-12 22:09 - 2012-02-04 23:23 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core.job
2013-11-12 20:07 - 2013-11-12 20:07 - 00010298 _____ C:\Users\Kyuubei\Downloads\Lady Gaga - ARTPOP - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-11-12 18:50 - 2013-11-12 18:50 - 00071290 _____ C:\Users\Kyuubei\Downloads\Extras.Txt
2013-11-12 17:55 - 2013-11-12 17:55 - 00124708 _____ C:\Users\Kyuubei\Downloads\OTL.Txt
2013-11-12 16:53 - 2013-11-12 16:53 - 00602112 _____ (OldTimer Tools) C:\Users\Kyuubei\Downloads\OTL.exe
2013-11-12 16:04 - 2012-11-27 16:28 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\Media Player Classic
2013-11-12 11:25 - 2009-07-13 23:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-12 11:25 - 2009-07-13 23:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-12 11:22 - 2012-12-14 07:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-12 11:17 - 2013-08-05 12:39 - 00000000 ____D C:\Users\Kyuubei\Desktop\outfit inspiration
2013-11-12 10:56 - 2012-02-05 01:13 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\PMB Files
2013-11-12 10:56 - 2012-02-05 01:13 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-12 01:10 - 2012-02-06 16:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\vlc
2013-11-12 00:50 - 2013-11-12 00:50 - 00233808 _____ C:\Users\Kyuubei\Downloads\CrucialScan.exe
2013-11-12 00:20 - 2013-11-12 00:19 - 38309906 _____ C:\Users\Kyuubei\Downloads\Phoenix Wright - Ace Attorney.zip
2013-11-11 14:23 - 2013-11-11 14:23 - 31666373 _____ C:\Users\Kyuubei\Downloads\635.PBP
2013-11-11 14:22 - 2013-11-11 14:22 - 01320276 _____ C:\Users\Kyuubei\Downloads\Downgrader.zip
2013-11-11 14:14 - 2013-11-11 14:13 - 27538810 _____ C:\Users\Kyuubei\Downloads\PSP_550_FW_UPDATE.RAR
2013-11-11 14:09 - 2013-11-11 14:09 - 00924536 _____ C:\Users\Kyuubei\Downloads\xgen-v5-5-50gen-d3-release.zip
2013-11-11 14:05 - 2013-11-11 14:05 - 00000201 _____ C:\Users\Kyuubei\Downloads\127604_cfw550gend3final.rar
2013-11-11 14:03 - 2013-11-11 14:03 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT (1).PBP
2013-11-11 13:58 - 2013-11-11 13:58 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT.PBP
2013-11-11 13:56 - 2013-11-11 13:56 - 00787749 _____ C:\Users\Kyuubei\Downloads\6.60 LME-1.8.zip
2013-11-11 13:53 - 2013-11-11 13:53 - 00484885 _____ C:\Users\Kyuubei\Downloads\6.60 ME-1.8.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 28355979 _____ C:\Users\Kyuubei\Downloads\27812_xgeninstallerfor550genc_1255909988.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 27046464 _____ C:\Users\Kyuubei\Downloads\PSPFirmware5.03Update.zip
2013-11-11 13:47 - 2013-11-11 13:47 - 00193605 _____ C:\Users\Kyuubei\Downloads\ChickHENR2.rar
2013-11-11 13:32 - 2013-11-11 13:26 - 529707818 _____ C:\Users\Kyuubei\Downloads\Valkyrie_Profile_Lenneth_USA_PSP-ARTiSAN.rar
2013-11-11 13:16 - 2013-11-11 13:16 - 01072809 _____ C:\Users\Kyuubei\Downloads\660PRO-C2.rar
2013-11-10 21:59 - 2013-11-10 21:58 - 54861450 _____ C:\Users\Kyuubei\Downloads\Radiant Historia.zip
2013-11-10 21:54 - 2012-02-05 08:42 - 00738006 _____ C:\Windows\system32\perfh00A.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00717230 _____ C:\Windows\system32\perfh019.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00422082 _____ C:\Windows\system32\perfh012.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00418618 _____ C:\Windows\system32\perfh011.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00394914 _____ C:\Windows\system32\prfh0404.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00377812 _____ C:\Windows\system32\prfh0804.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00158056 _____ C:\Windows\system32\perfc00A.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00150212 _____ C:\Windows\system32\perfc019.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00122052 _____ C:\Windows\system32\perfc011.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00120214 _____ C:\Windows\system32\perfc012.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00119786 _____ C:\Windows\system32\prfc0804.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00114872 _____ C:\Windows\system32\prfc0404.dat
2013-11-10 21:54 - 2009-07-14 00:13 - 04627996 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 21:53 - 2013-11-10 21:53 - 28243959 _____ C:\Users\Kyuubei\Downloads\Harvest Moon DS.zip
2013-11-10 21:51 - 2013-07-23 18:22 - 00003466 _____ C:\Windows\setupact.log
2013-11-10 21:21 - 2013-11-10 21:18 - 75282450 _____ C:\Users\Kyuubei\Downloads\World Ends With You, The.zip
2013-11-09 22:52 - 2013-11-09 22:52 - 03698590 _____ C:\Users\Kyuubei\Downloads\heretic_mansion_v1_2.zip
2013-11-07 22:22 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-03 17:33 - 2013-11-03 17:27 - 536010902 _____ C:\Users\Kyuubei\Downloads\jane_eyre_ver03_0809_librivox_64kb_mp3.zip
2013-10-31 22:43 - 2012-02-24 12:56 - 00000000 ____D C:\Program Files (x86)\StepMania
2013-10-27 22:56 - 2013-10-27 22:56 - 00019163 _____ C:\Users\Kyuubei\Downloads\Katy Perry - Prism - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-27 22:56 - 2013-10-27 22:56 - 00015345 _____ C:\Users\Kyuubei\Downloads\Placebo - Loud Like Love - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-26 22:22 - 2013-08-09 16:47 - 00005104 _____ C:\Windows\PFRO.log
2013-10-25 20:10 - 2012-02-05 00:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-10-25 20:09 - 2012-02-05 00:07 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2013-10-25 20:09 - 2012-02-05 00:07 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2013-10-25 20:09 - 2012-02-05 00:07 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2013-10-25 09:58 - 2013-10-19 09:05 - 00000579 _____ C:\Users\Kyuubei\Documents\dsfvdsfsdf.txt
2013-10-23 06:44 - 2013-10-23 06:42 - 197730583 _____ C:\Users\Kyuubei\Downloads\JaneEyre-48kb-Part1.m4b
2013-10-22 21:55 - 2012-04-09 16:59 - 00000000 ____D C:\Program Files (x86)\PaintTool SAI English Pack
2013-10-22 20:26 - 2013-10-20 21:14 - 00001542 _____ C:\Users\Kyuubei\Documents\userinfo.txt
2013-10-22 20:26 - 2012-12-11 18:27 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-10-22 20:26 - 2012-12-11 18:26 - 00000000 ____D C:\Program Files\Tablet
2013-10-22 20:26 - 2012-12-11 17:41 - 00000000 ____D C:\Program Files\TabletPlugins
2013-10-22 20:25 - 2013-10-22 20:25 - 38455200 _____ C:\Users\Kyuubei\Downloads\PenTablet_532-1.exe
2013-10-21 20:09 - 2012-02-05 00:07 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2013-10-19 09:21 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-19 09:08 - 2012-06-16 20:50 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-19 09:08 - 2012-06-16 20:50 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-19 09:05 - 2013-10-19 09:05 - 00000065 _____ C:\Users\Kyuubei\Documents\dfdsaf.txt
2013-10-19 09:05 - 2013-10-17 08:27 - 00010123 _____ C:\Users\Kyuubei\Documents\TAROT DAILY MASTER'.xlsx
2013-10-19 09:05 - 2012-05-21 15:39 - 00000132 _____ C:\Users\Kyuubei\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-16 20:52 - 2013-10-16 20:52 - 00058910 _____ C:\Users\Kyuubei\Downloads\Sound Horizon.torrent
2013-10-16 19:41 - 2013-01-29 08:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-16 19:41 - 2012-02-04 23:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-16 06:29 - 2012-06-16 20:50 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-16 06:29 - 2012-06-16 20:50 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 02:01 - 2012-02-04 23:29 - 00002155 _____ C:\Windows\epplauncher.mif
2013-10-16 02:00 - 2013-08-09 17:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 02:00 - 2013-08-09 17:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Macroplant_LLC
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Program Files (x86)\iExplorer
2013-10-15 21:07 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242 (1).exe
2013-10-15 21:06 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242.exe
2013-10-14 23:02 - 2013-10-14 23:01 - 07020387 _____ C:\Users\Kyuubei\Downloads\DrawSomethingFree_v1.1.18.apk
2013-10-14 23:00 - 2013-10-14 23:00 - 01680752 _____ C:\Users\Kyuubei\Downloads\Draw Something - FULL - Premium - Android APK.exe
2013-10-14 20:59 - 2013-10-13 20:24 - 00005838 _____ C:\Users\Kyuubei\Documents\poemsmsm.txt
2013-10-14 08:19 - 2012-02-05 02:12 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\mIRC
2013-10-14 07:23 - 2013-09-12 09:42 - 00014595 _____ C:\Users\Kyuubei\Documents\dskfjkldsf.txt

ZeroAccess:
C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}
C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}\L\76603ac3

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 01:35

==================== End Of Log ============================


ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2013
Ran by Kyuubei at 2013-11-13 19:19:37
Running from C:\Users\Kyuubei\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (x32 Version: 2.2.1)
4chan Image Downloader (x32)
64 Bit HP CIO Components Installer (Version: 6.2.2)
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Action Replay Code Manager (x32)
Adobe Acrobat XI Pro (x32 Version: 11.0.00)
Adobe AIR (x32 Version: 3.7.0.1530)
Adobe Audition 3.0 (x32 Version: 3.0)
Adobe Creative Suite 6 Master Collection (x32 Version: 6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.169)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.6) (x32 Version: 10.1.6)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Age of Mythology - The Titans Expansion (x32)
Age of Mythology (x32)
Akamai NetSession Interface (HKCU)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225)
American McGee's Alice™ (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Arc (x32 Version: 1.0.0.5510)
ATLAS Translation Standard V14.0 Trial Version (x32 Version: 14.00.2000)
Audacity 1.3.14 (Unicode) (x32)
Autodesk SketchBook Copic Edition (x32 Version: 1.00.0000)
Bamboo Dock (x32 Version: 4.1)
Bamboo Dock (x32 Version: 4.1.0)
BIMP Lite 1.62 (x32)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 140.0.212.000)
C4700 (x32 Version: 140.0.690.000)
calibre (x32 Version: 0.8.38)
CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CBR Reader (x32)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.03)
CDisplay 1.8 (x32)
Cheat Engine 6.2 (x32)
ClipGrab 3.2.0.11 (x32)
Comical 0.8 (x32)
ComicRack v0.9.155 (Version: v0.9.155)
Coupon Printer for Windows (x32 Version: 5.0.0.4)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
DivX Setup (x32 Version: 2.6.1.5)
EasyDuplicateFinder v4.2
Fallout 3 (x32 Version: 1.00.0000)
FileHippo.com Update Checker (x32)
FileZilla Client 3.5.3 (x32 Version: 3.5.3)
Foxit Reader (x32 Version: 6.0.6.722)
Free M4a to MP3 Converter 7.1 (x32)
Free Video to iPod Converter version 5.0.27.725 (x32 Version: 5.0.27.725)
FrostWire 5.6.2 (x32 Version: 5.6.2.1)
Genius Box (x32 Version: 1.0.9)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Earth (x32 Version: 7.1.1.1888)
Google Talk (remove only) (x32)
Google Update Helper (x32 Version: 1.3.21.165)
GoPut.IT Uploader (x32 Version: 1.5.1)
GPBaseService2 (x32 Version: 140.0.211.000)
Greenshot (HKCU)
Half-Life 2 (x32)
Happy Cloud Client (HKCU Version: 1.386)
HD Tune Pro 5.00 (x32)
HGST Align Tool (x32 Version: 2.0.154)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (x32 Version: 1.0.0.2024)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
iExplorer 3.2.4.2 (x32)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
ImgBurn (x32 Version: 2.5.7.0)
Instantbird (1.1) (x32 Version: 1.1 (en-US))
IPFilter Updater (HKCU Version: 1.0.0.7)
iTunes (Version: 11.0.4.4)
Java 7 Update 17 (x32 Version: 7.0.170)
Java Auto Updater (x32 Version: 2.1.9.0)
Java™ 6 Update 30 (x32 Version: 6.0.300)
JavaFX 2.1.1 (x32 Version: 2.1.1)
K-Lite Codec Pack 8.2.0 (Full) (x32 Version: 8.2.0)
Last.fm Scrobbler 2.1.35 (x32)
League of Legends (x32 Version: 3.0.0)
Livestream Procaster (x32 Version: 20.2.69)
LogMeIn (x32 Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.61.0.1400 (x32 Version: 1.61.0.1400)
ManyCam 3.0.53 (remove only) (x32 Version: 3.0.53)
MeCab 0.993 (x32 Version: 0.993)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
MiniBin 3.8.3.0 (HKCU Version: 3.8.3.0)
mIRC (x32 Version: 7.14)
Mobile Mouse Server (x32 Version: 2.6.5)
Mobipocket Creator 4.2 (x32 Version: 4.2.41)
MorphVOX Junior (x32 Version: 2.7.5)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 19.0.2 (x86 en-US) (x32 Version: 19.0.2)
Mozilla Maintenance Service (x32 Version: 19.0.2)
MPC-HC 1.6.4.6052 (x32 Version: 1.6.4.6052)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Notepad++ (x32 Version: 5.9.8)
NVIDIA Drivers (Version: 1.7)
OCCT 4.4.0 (x32 Version: 4.4.0)
ONAIR 4.0.0.837
Opera 12.15 (x32 Version: 12.15.1748)
Pando Media Booster (x32 Version: 2.6.0.2)
Pandora Service (x32)
Pazera Free MOV to AVI Converter 1.6 (x32 Version: 1.6)
Pazera Free MP4 to AVI Converter 1.6 (x32 Version: 1.6)
PCSX2 - Playstation 2 Emulator (x32)
PDF Settings CS5 (x32 Version: 10.0)
PDF Settings CS6 (x32 Version: 11.0)
PDFCreator (x32 Version: 1.2.3)
PerformanceTest v8.0 (Version: 8.0.1018.0)
PESTERCHUM (x32)
ph (x32 Version: 1.0.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
Portal (x32)
Portal 2 (x32)
PowerISO (x32 Version: 5.1)
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000)
PuTTY version 0.62 (x32 Version: 0.62)
QuickTime (x32 Version: 7.74.80.86)
QuickTransfer (x32 Version: 140.0.98.000)
RaidCall (x32 Version: 7.2.2-1.0.6555.3)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Recuva (Version: 1.44)
RGSS-RTP Standard (x32 Version: 1.04)
RollerCoaster Tycoon 3 1.00 (x32)
RPG Maker 2000 1.05 (x32)
RPG Maker 2003 v1.08 (x32)
RPG MAKER VX Ace RTP (x32 Version: 1.00)
RPG Maker VX RTP (x32 Version: 1.02)
Scan (x32 Version: 140.0.80.000)
Skype™ 6.9 (x32 Version: 6.9.106)
SolutionCenter (x32 Version: 140.0.213.000)
Speccy (Version: 1.20)
SpeedFan (remove only) (x32)
Spotflux (x32 Version: 2.9.10)
Spotify (HKCU Version: 0.8.3.222.g317ab79d)
Status (x32 Version: 140.0.212.000)
StepMania 3.9b (remove only) (x32)
SUPERAntiSpyware (Version: 5.6.1014)
System Requirements Lab CYRI (x32 Version: 5.0.6.0)
System Requirements Lab Detection (x32 Version: 1.0.5.0)
TechPowerUp GPU-Z (x32)
TERA (HKCU)
The KMPlayer (remove only) (x32 Version: 3.4.0.59)
Toolbox (x32 Version: 140.0.428.000)
Transmission-Qt (x32 Version: 2.61)
TrayApp (x32 Version: 140.0.212.000)
TreeSize Free V2.7 (x32 Version: 2.7)
Ultra Defragmenter (x32 Version: 6.0.0)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.0.6 (x32 Version: 2.0.6)
VNC Free Edition 4.1.3 (x32 Version: 4.1.3)
Wacom (Version: 5.3.2-1)
WBFS Manager 3.0 (x32 Version: 3.0)
WD Drive Manager (x64) (Version: 2.115)
WebReg (x32 Version: 140.0.212.017)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2)
WebTablet IE Plugin (x32 Version: 1.1.0.12)
WebTablet Netscape Plugin (x32 Version: 1.1.0.10)
Wii Media Center X 0.92 (x32 Version: 0.92)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0)
WinImage (HKCU)
Xilisoft Video Converter Standard (x32 Version: 7.7.2.20130122)
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)
妹びらいざー (x32)
聖もんむす学園 (x32)

==================== Restore Points =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-11-13 18:57 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03896760-C3D8-412B-A104-A5B37116FB8C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-03-04] ()
Task: {56B2CE09-6845-4D96-BD32-FCFE74CCC271} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-16] (Google Inc.)
Task: {5ADDD8B4-034E-4166-A97D-B2D2C40A6FB4} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {5EF5BFDC-359D-4D4F-A202-D25F39C2B1C3} - System32\Tasks\launchspotflux => C:\Program Files (x86)\Spotflux\spotflux.exe [2013-05-28] ()
Task: {6926420D-9293-4464-88DD-45400A33CA65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-21] (Adobe Systems Incorporated)
Task: {779B6F4E-FBBC-4894-9418-1F79E6600C48} - System32\Tasks\{6E2406E7-4931-4A7C-A88F-DD984ED5C347} => Chrome.exe http://ui.skype.com/...;LastError=1618
Task: {8AEA5A0C-D2DA-4778-B4D3-A762B9D61F9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA => C:\Users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: {99980DA4-FC29-4668-AA3E-332B7EF14128} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9D439561-8493-4BAC-8117-96D0B5B77FDE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {A0BA379D-1EB0-4B04-B3A7-CBADE45A02AF} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
Task: {D56B287A-2FB6-4B25-A80E-093B92F2B8A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {E142B6F9-D9CB-43D7-81EC-23FAB9EEDAC7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core => C:\Users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: {FF892B2A-3307-4EEC-9BAC-6D298A20D72B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-16] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core.job => C:\Users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA.job => C:\Users\Kyuubei\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-11 18:26 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-08 16:12 - 2013-03-06 12:11 - 00757248 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2013-02-08 16:12 - 2013-03-06 12:11 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2013-02-08 16:12 - 2013-03-05 12:25 - 00350720 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2013-02-08 16:12 - 2013-03-06 12:11 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2013-02-08 16:12 - 2013-01-18 10:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2013-04-07 22:23 - 2013-01-18 10:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2013-02-08 16:12 - 2012-12-12 23:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2013-02-08 16:12 - 2012-12-12 23:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2013-04-07 22:23 - 2012-12-12 23:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:9fV6Jdo1zAZkvqGbKCt
AlternateDataStreams: C:\ProgramData\Microsoft:4cMMbtAxrc5F3tLq
AlternateDataStreams: C:\ProgramData\Microsoft:mdk9Lf2I6JbWjYjHrqnzk
AlternateDataStreams: C:\ProgramData\Microsoft:MTSUEwYG5vHW0APX

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2013 07:19:39 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
Instantiating VSS server

Error: (11/13/2013 07:19:39 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Instantiating VSS server

Error: (11/13/2013 06:39:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
Instantiating VSS server

Error: (11/13/2013 06:39:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Instantiating VSS server

Error: (10/07/2013 07:00:56 AM) (Source: Microsoft-Windows-RestartManager) (User: Meguca)
Description: Application or service 'Adobe Photoshop CS6' could not be shut down.

Error: (07/28/2013 08:49:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/28/2013 08:49:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/22/2013 02:59:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/22/2013 02:59:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/21/2013 03:59:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/13/2013 06:58:07 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/13/2013 06:49:46 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/13/2013 06:45:51 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/13/2013 06:38:11 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/12/2013 08:12:09 PM) (Source: DCOM) (User: )
Description: {DC0C2640-1415-4644-875C-6F4D769839BA}

Error: (11/11/2013 01:10:17 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR13.

Error: (11/11/2013 01:10:17 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR13.

Error: (11/11/2013 01:10:16 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR13.

Error: (11/11/2013 01:08:40 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR12.

Error: (11/11/2013 01:08:39 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR12.


Microsoft Office Sessions:
=========================
Error: (11/13/2013 07:19:39 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Instantiating VSS server

Error: (11/13/2013 07:19:39 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Instantiating VSS server

Error: (11/13/2013 06:39:21 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Instantiating VSS server

Error: (11/13/2013 06:39:21 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Instantiating VSS server

Error: (10/07/2013 07:00:56 AM) (Source: Microsoft-Windows-RestartManager)(User: Meguca)
Description: 1C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exeAdobe Photoshop CS60111756160

Error: (07/28/2013 08:49:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Kyuubei\Downloads\SoftonicDownloader_for_bimp-lite.exe

Error: (07/28/2013 08:49:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Kyuubei\Downloads\SoftonicDownloader_for_bimp-lite (1).exe

Error: (07/22/2013 02:59:45 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_skypenotify.dll

Error: (07/22/2013 02:59:45 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_messengernotify.dll

Error: (07/21/2013 03:59:00 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_skypenotify.dll


CodeIntegrity Errors:
===================================
Date: 2013-11-13 18:49:46.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-13 18:49:46.276
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2009-01-01 11:41:08.472
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-02-04 22:35:09.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 7167.37 MB
Available physical RAM: 4692.18 MB
Total Pagefile: 8189.55 MB
Available Pagefile: 6161.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:186.31 GB) (Free:52.77 GB) NTFS
Drive d: (465GB Drive) (Fixed) (Total:465.66 GB) (Free:75.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 73C273C2)
Partition 1: (Not Active) - (Size=186 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D399BC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#4
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST.
Run FRST and press Fix.
A fix log will be generated; please post that.

I expect it will reboot. If not, please do so, then run FRST again, just do a Scan, and post the log.

#5
faburizu

    Member

  • Topic Starter
  • 35 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2013
Ran by Kyuubei at 2013-11-13 20:39:13 Run:1
Running from C:\Users\Kyuubei\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
IMEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...sa&d=2012-05-04 18:02:45&v=11.0.0.9&sap=dsp&q={searchTerms}
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Genius Box - {709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} - C:\Program Files (x86)\TGF Interactive\Genius Box\TGFInteractive.dll (TGF Interactive)
Toolbar: HKLM-x32 - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Extension: geniusbox - C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\Extensions\[email protected]
S1 dzgbzkbn; \??\C:\Windows\system32\drivers\dzgbzkbn.sys [x]
C:\Windows\system32\drivers\dzgbzkbn.sys
C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}
C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}\L\76603ac3
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:9fV6Jdo1zAZkvqGbKCt
AlternateDataStreams: C:\ProgramData\Microsoft:4cMMbtAxrc5F3tLq
AlternateDataStreams: C:\ProgramData\Microsoft:mdk9Lf2I6JbWjYjHrqnzk
AlternateDataStreams: C:\ProgramData\Microsoft:MTSUEwYG5vHW0APX
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
CMD: netsh winsock reset


*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ehshell.exe => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{709F3BE5-C718-4B6D-843C-95E8BE0E5E4A} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Key not found.
HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin => Key deleted successfully.
C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll => Moved successfully.
C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default\Extensions\[email protected] => Moved successfully.
dzgbzkbn => Service deleted successfully.
"C:\Windows\system32\drivers\dzgbzkbn.sys" => File/Directory not found.
C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9} => Moved successfully.
"C:\Windows\Installer\{0cf162e8-399c-ca3c-7bde-2e9a5e464ab9}\L\76603ac3" => File/Directory not found.
C:\Program Files\Common Files\Microsoft Shared => ":9fV6Jdo1zAZkvqGbKCt" ADS removed successfully.
C:\ProgramData\Microsoft => ":4cMMbtAxrc5F3tLq" ADS removed successfully.
C:\ProgramData\Microsoft => ":mdk9Lf2I6JbWjYjHrqnzk" ADS removed successfully.
C:\ProgramData\Microsoft => ":MTSUEwYG5vHW0APX" ADS removed successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll

========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


==== End of Fixlog ====






Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Kyuubei (administrator) on MEGUCA on 13-11-2013 20:46:02
Running from C:\Users\Kyuubei\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Mike Edward Moras (e-sushi™)) C:\Program Files (x86)\MiniBin\minibin.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Edgemeal) C:\CUITX4\CUITX4.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKCU\...\Run: [MiniBin] - C:\Program Files (x86)\MiniBin\minibin.exe [56832 2012-03-14] (Mike Edward Moras (e-sushi™))
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2013-04-07] (BitTorrent, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10B5FF77BBE3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {89BB4A33-92FF-4405-A089-B3222EC6DDDF} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {89BB4A33-92FF-4405-A089-B3222EC6DDDF} URL = http://search.yahoo....p={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Perfect World\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Kyuubei\AppData\Roaming\Mozilla\Firefox\Profiles\004o9wru.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Perfect World\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kyuubei\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

Chrome:
=======
CHR HomePage: hxxp://search.yahoo.com?type=937811&fr=spigot-yhp-ch
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Happy Cloud Plugin) - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll No File
CHR Plugin: (Unity Player) - C:\Users\Kyuubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Raidcall plugin) - C:\Users\Kyuubei\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (ArcPlugin) - D:\Perfect World\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
CHR Extension: (TrollMe) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdlgapkhlaheocidecfojekgklboeeg\1.1_0
CHR Extension: (rilakkuma-kun) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbihbfhiceobhannkbbdpjjiiepnnap\1_0
CHR Extension: (4chan Image Browser) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdefnakeacdpebpjdpelgdjhehbglok\1.2_0
CHR Extension: (Missing e) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.26_0
CHR Extension: (YouTube) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Minimalist for Everything) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek\0.6.8_0
CHR Extension: (Add to Amazon Wish List) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0
CHR Extension: (Google Search) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Tampermonkey) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.66_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0
CHR Extension: (Genius Box) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\engepbdmoplfpledpbjkagliinaiahch\1.0.2_0
CHR Extension: (4Chan Viewer) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoldfiljlhnghpnaghjihgnhiiebfbdl\1.2.3_0
CHR Extension: (Stylish) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (XKit) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd\7.2.3_0
CHR Extension: (AdBlock) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Unfriend Finder) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0
CHR Extension: (Babblr) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkocmgaoibklfmejhklahodlookklfjk\1.4.97_0
CHR Extension: (Image Search Options) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl\0.0.7.3_0
CHR Extension: (TumTaster) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm\0.4.10_0
CHR Extension: (ChromeReload) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo\0.9.3_0
CHR Extension: (Google Wallet) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Google Reader) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0
CHR Extension: (Gmail) - C:\Users\Kyuubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [engepbdmoplfpledpbjkagliinaiahch] - C:\Program Files (x86)\TGF Interactive\Genius Box\GeniusBox.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Kyuubei\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\Kyuubei\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-11] (Adobe Systems)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
S3 ArcService; D:\Perfect World\ArcService.exe [88424 2013-05-23] (Perfect World Entertainment Inc)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-10-25] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-10-25] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S4 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S4 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2009-06-26] (WDC)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-25] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2011-12-20] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-28] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-05-15] (Spotflux, Inc.)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2012-03-19] (ShiningMorning Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

Error(0) reading file: "C:\Windows\system32\ "
2013-11-13 19:19 - 2013-11-13 19:20 - 00033502 _____ C:\Users\Kyuubei\Downloads\Addition.txt
2013-11-13 19:17 - 2013-11-13 20:46 - 00025000 _____ C:\Users\Kyuubei\Downloads\FRST.txt
2013-11-13 19:16 - 2013-11-13 19:16 - 01957794 _____ (Farbar) C:\Users\Kyuubei\Downloads\FRST64.exe
2013-11-13 19:16 - 2013-11-13 19:16 - 00000000 ____D C:\FRST
2013-11-13 19:12 - 2013-11-13 19:12 - 00031979 _____ C:\ComboFix.txt
2013-11-13 18:39 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-13 18:39 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-13 18:39 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-13 18:39 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-13 18:38 - 2013-11-13 19:12 - 00000000 ____D C:\Qoobox
2013-11-13 18:38 - 2013-11-13 19:08 - 00000000 ____D C:\Windows\erdnt
2013-11-13 18:31 - 2013-11-13 18:31 - 05147957 ____R (Swearware) C:\Users\Kyuubei\Downloads\ComboFix.exe
2013-11-12 20:07 - 2013-11-12 20:07 - 00010298 _____ C:\Users\Kyuubei\Downloads\Lady Gaga - ARTPOP - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-11-12 18:50 - 2013-11-12 18:50 - 00071290 _____ C:\Users\Kyuubei\Downloads\Extras.Txt
2013-11-12 17:55 - 2013-11-12 17:55 - 00124708 _____ C:\Users\Kyuubei\Downloads\OTL.Txt
2013-11-12 16:53 - 2013-11-12 16:53 - 00602112 _____ (OldTimer Tools) C:\Users\Kyuubei\Downloads\OTL.exe
2013-11-12 11:57 - 2013-11-12 23:43 - 00001025 _____ C:\Users\Kyuubei\Desktop\IMPORTANT INFO.txt
2013-11-12 00:50 - 2013-11-12 00:50 - 00233808 _____ C:\Users\Kyuubei\Downloads\CrucialScan.exe
2013-11-12 00:19 - 2013-11-12 00:20 - 38309906 _____ C:\Users\Kyuubei\Downloads\Phoenix Wright - Ace Attorney.zip
2013-11-11 14:23 - 2013-11-11 14:23 - 31666373 _____ C:\Users\Kyuubei\Downloads\635.PBP
2013-11-11 14:22 - 2013-11-11 14:22 - 01320276 _____ C:\Users\Kyuubei\Downloads\Downgrader.zip
2013-11-11 14:13 - 2013-11-11 14:14 - 27538810 _____ C:\Users\Kyuubei\Downloads\PSP_550_FW_UPDATE.RAR
2013-11-11 14:09 - 2013-11-11 14:09 - 00924536 _____ C:\Users\Kyuubei\Downloads\xgen-v5-5-50gen-d3-release.zip
2013-11-11 14:05 - 2013-11-11 14:05 - 00000201 _____ C:\Users\Kyuubei\Downloads\127604_cfw550gend3final.rar
2013-11-11 14:03 - 2013-11-11 14:03 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT (1).PBP
2013-11-11 13:58 - 2013-11-11 13:58 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT.PBP
2013-11-11 13:56 - 2013-11-11 13:56 - 00787749 _____ C:\Users\Kyuubei\Downloads\6.60 LME-1.8.zip
2013-11-11 13:53 - 2013-11-11 13:53 - 00484885 _____ C:\Users\Kyuubei\Downloads\6.60 ME-1.8.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 28355979 _____ C:\Users\Kyuubei\Downloads\27812_xgeninstallerfor550genc_1255909988.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 27046464 _____ C:\Users\Kyuubei\Downloads\PSPFirmware5.03Update.zip
2013-11-11 13:47 - 2013-11-11 13:47 - 00193605 _____ C:\Users\Kyuubei\Downloads\ChickHENR2.rar
2013-11-11 13:26 - 2013-11-11 13:32 - 529707818 _____ C:\Users\Kyuubei\Downloads\Valkyrie_Profile_Lenneth_USA_PSP-ARTiSAN.rar
2013-11-11 13:16 - 2013-11-11 13:16 - 01072809 _____ C:\Users\Kyuubei\Downloads\660PRO-C2.rar
2013-11-10 21:58 - 2013-11-10 21:59 - 54861450 _____ C:\Users\Kyuubei\Downloads\Radiant Historia.zip
2013-11-10 21:53 - 2013-11-10 21:53 - 28243959 _____ C:\Users\Kyuubei\Downloads\Harvest Moon DS.zip
2013-11-10 21:18 - 2013-11-10 21:21 - 75282450 _____ C:\Users\Kyuubei\Downloads\World Ends With You, The.zip
2013-11-09 22:52 - 2013-11-09 22:52 - 03698590 _____ C:\Users\Kyuubei\Downloads\heretic_mansion_v1_2.zip
2013-11-03 17:27 - 2013-11-03 17:33 - 536010902 _____ C:\Users\Kyuubei\Downloads\jane_eyre_ver03_0809_librivox_64kb_mp3.zip
2013-10-27 22:56 - 2013-10-27 22:56 - 00019163 _____ C:\Users\Kyuubei\Downloads\Katy Perry - Prism - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-27 22:56 - 2013-10-27 22:56 - 00015345 _____ C:\Users\Kyuubei\Downloads\Placebo - Loud Like Love - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-23 06:42 - 2013-10-23 06:44 - 197730583 _____ C:\Users\Kyuubei\Downloads\JaneEyre-48kb-Part1.m4b
2013-10-22 20:26 - 2012-12-03 15:36 - 00081824 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2013-10-22 20:26 - 2012-12-03 15:36 - 00013728 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2013-10-22 20:26 - 2012-11-15 08:41 - 00015776 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2013-10-22 20:25 - 2013-10-22 20:25 - 38455200 _____ C:\Users\Kyuubei\Downloads\PenTablet_532-1.exe
2013-10-20 21:14 - 2013-10-22 20:26 - 00001542 _____ C:\Users\Kyuubei\Documents\userinfo.txt
2013-10-19 09:41 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-19 09:41 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-19 09:05 - 2013-10-25 09:58 - 00000579 _____ C:\Users\Kyuubei\Documents\dsfvdsfsdf.txt
2013-10-19 09:05 - 2013-10-19 09:05 - 00000065 _____ C:\Users\Kyuubei\Documents\dfdsaf.txt
2013-10-17 08:27 - 2013-10-19 09:05 - 00010123 _____ C:\Users\Kyuubei\Documents\TAROT DAILY MASTER'.xlsx
2013-10-16 20:52 - 2013-10-16 20:52 - 00058910 _____ C:\Users\Kyuubei\Downloads\Sound Horizon.torrent
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Macroplant_LLC
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Program Files (x86)\iExplorer
2013-10-15 21:06 - 2013-10-15 21:07 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242 (1).exe
2013-10-15 21:06 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242.exe
2013-10-14 23:01 - 2013-10-14 23:02 - 07020387 _____ C:\Users\Kyuubei\Downloads\DrawSomethingFree_v1.1.18.apk
2013-10-14 23:00 - 2013-10-14 23:00 - 01680752 _____ C:\Users\Kyuubei\Downloads\Draw Something - FULL - Premium - Android APK.exe

==================== One Month Modified Files and Folders =======

2013-11-13 20:48 - 2013-11-13 19:17 - 00025000 _____ C:\Users\Kyuubei\Downloads\FRST.txt
2013-11-13 20:46 - 2012-02-05 00:03 - 01253553 _____ C:\Windows\WindowsUpdate.log
2013-11-13 20:45 - 2012-02-04 23:41 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\uTorrent
2013-11-13 20:41 - 2013-08-09 16:47 - 00005662 _____ C:\Windows\PFRO.log
2013-11-13 20:41 - 2013-07-23 18:22 - 00003522 _____ C:\Windows\setupact.log
2013-11-13 20:41 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-13 20:09 - 2012-02-04 23:23 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA.job
2013-11-13 19:20 - 2013-11-13 19:19 - 00033502 _____ C:\Users\Kyuubei\Downloads\Addition.txt
2013-11-13 19:16 - 2013-11-13 19:16 - 01957794 _____ (Farbar) C:\Users\Kyuubei\Downloads\FRST64.exe
2013-11-13 19:16 - 2013-11-13 19:16 - 00000000 ____D C:\FRST
2013-11-13 19:12 - 2013-11-13 19:12 - 00031979 _____ C:\ComboFix.txt
2013-11-13 19:12 - 2013-11-13 18:38 - 00000000 ____D C:\Qoobox
2013-11-13 19:12 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2013-11-13 19:08 - 2013-11-13 18:38 - 00000000 ____D C:\Windows\erdnt
2013-11-13 18:58 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2013-11-13 18:36 - 2012-08-01 12:31 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\Skype
2013-11-13 18:36 - 2012-02-05 02:53 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Last.fm
2013-11-13 18:31 - 2013-11-13 18:31 - 05147957 ____R (Swearware) C:\Users\Kyuubei\Downloads\ComboFix.exe
2013-11-13 18:31 - 2012-02-05 00:07 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-12 23:43 - 2013-11-12 11:57 - 00001025 _____ C:\Users\Kyuubei\Desktop\IMPORTANT INFO.txt
2013-11-12 22:09 - 2012-02-04 23:23 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core.job
2013-11-12 20:07 - 2013-11-12 20:07 - 00010298 _____ C:\Users\Kyuubei\Downloads\Lady Gaga - ARTPOP - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-11-12 18:50 - 2013-11-12 18:50 - 00071290 _____ C:\Users\Kyuubei\Downloads\Extras.Txt
2013-11-12 17:55 - 2013-11-12 17:55 - 00124708 _____ C:\Users\Kyuubei\Downloads\OTL.Txt
2013-11-12 16:53 - 2013-11-12 16:53 - 00602112 _____ (OldTimer Tools) C:\Users\Kyuubei\Downloads\OTL.exe
2013-11-12 16:04 - 2012-11-27 16:28 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\Media Player Classic
2013-11-12 11:25 - 2009-07-13 23:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-12 11:25 - 2009-07-13 23:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-12 11:22 - 2012-12-14 07:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-12 11:17 - 2013-08-05 12:39 - 00000000 ____D C:\Users\Kyuubei\Desktop\outfit inspiration
2013-11-12 10:56 - 2012-02-05 01:13 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\PMB Files
2013-11-12 10:56 - 2012-02-05 01:13 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-12 01:10 - 2012-02-06 16:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\vlc
2013-11-12 00:50 - 2013-11-12 00:50 - 00233808 _____ C:\Users\Kyuubei\Downloads\CrucialScan.exe
2013-11-12 00:20 - 2013-11-12 00:19 - 38309906 _____ C:\Users\Kyuubei\Downloads\Phoenix Wright - Ace Attorney.zip
2013-11-11 14:23 - 2013-11-11 14:23 - 31666373 _____ C:\Users\Kyuubei\Downloads\635.PBP
2013-11-11 14:22 - 2013-11-11 14:22 - 01320276 _____ C:\Users\Kyuubei\Downloads\Downgrader.zip
2013-11-11 14:14 - 2013-11-11 14:13 - 27538810 _____ C:\Users\Kyuubei\Downloads\PSP_550_FW_UPDATE.RAR
2013-11-11 14:09 - 2013-11-11 14:09 - 00924536 _____ C:\Users\Kyuubei\Downloads\xgen-v5-5-50gen-d3-release.zip
2013-11-11 14:05 - 2013-11-11 14:05 - 00000201 _____ C:\Users\Kyuubei\Downloads\127604_cfw550gend3final.rar
2013-11-11 14:03 - 2013-11-11 14:03 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT (1).PBP
2013-11-11 13:58 - 2013-11-11 13:58 - 32608261 _____ C:\Users\Kyuubei\Downloads\EBOOT.PBP
2013-11-11 13:56 - 2013-11-11 13:56 - 00787749 _____ C:\Users\Kyuubei\Downloads\6.60 LME-1.8.zip
2013-11-11 13:53 - 2013-11-11 13:53 - 00484885 _____ C:\Users\Kyuubei\Downloads\6.60 ME-1.8.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 28355979 _____ C:\Users\Kyuubei\Downloads\27812_xgeninstallerfor550genc_1255909988.zip
2013-11-11 13:48 - 2013-11-11 13:48 - 27046464 _____ C:\Users\Kyuubei\Downloads\PSPFirmware5.03Update.zip
2013-11-11 13:47 - 2013-11-11 13:47 - 00193605 _____ C:\Users\Kyuubei\Downloads\ChickHENR2.rar
2013-11-11 13:32 - 2013-11-11 13:26 - 529707818 _____ C:\Users\Kyuubei\Downloads\Valkyrie_Profile_Lenneth_USA_PSP-ARTiSAN.rar
2013-11-11 13:16 - 2013-11-11 13:16 - 01072809 _____ C:\Users\Kyuubei\Downloads\660PRO-C2.rar
2013-11-10 21:59 - 2013-11-10 21:58 - 54861450 _____ C:\Users\Kyuubei\Downloads\Radiant Historia.zip
2013-11-10 21:54 - 2012-02-05 08:42 - 00738006 _____ C:\Windows\system32\perfh00A.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00717230 _____ C:\Windows\system32\perfh019.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00422082 _____ C:\Windows\system32\perfh012.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00418618 _____ C:\Windows\system32\perfh011.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00394914 _____ C:\Windows\system32\prfh0404.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00377812 _____ C:\Windows\system32\prfh0804.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00158056 _____ C:\Windows\system32\perfc00A.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00150212 _____ C:\Windows\system32\perfc019.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00122052 _____ C:\Windows\system32\perfc011.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00120214 _____ C:\Windows\system32\perfc012.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00119786 _____ C:\Windows\system32\prfc0804.dat
2013-11-10 21:54 - 2012-02-05 08:42 - 00114872 _____ C:\Windows\system32\prfc0404.dat
2013-11-10 21:54 - 2009-07-14 00:13 - 04627996 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 21:53 - 2013-11-10 21:53 - 28243959 _____ C:\Users\Kyuubei\Downloads\Harvest Moon DS.zip
2013-11-10 21:21 - 2013-11-10 21:18 - 75282450 _____ C:\Users\Kyuubei\Downloads\World Ends With You, The.zip
2013-11-09 22:52 - 2013-11-09 22:52 - 03698590 _____ C:\Users\Kyuubei\Downloads\heretic_mansion_v1_2.zip
2013-11-03 17:33 - 2013-11-03 17:27 - 536010902 _____ C:\Users\Kyuubei\Downloads\jane_eyre_ver03_0809_librivox_64kb_mp3.zip
2013-10-31 22:43 - 2012-02-24 12:56 - 00000000 ____D C:\Program Files (x86)\StepMania
2013-10-27 22:56 - 2013-10-27 22:56 - 00019163 _____ C:\Users\Kyuubei\Downloads\Katy Perry - Prism - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-27 22:56 - 2013-10-27 22:56 - 00015345 _____ C:\Users\Kyuubei\Downloads\Placebo - Loud Like Love - 2013 (CD - MP3 - V0 (VBR)).torrent
2013-10-25 20:10 - 2012-02-05 00:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-10-25 20:09 - 2012-02-05 00:07 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2013-10-25 20:09 - 2012-02-05 00:07 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2013-10-25 20:09 - 2012-02-05 00:07 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2013-10-25 09:58 - 2013-10-19 09:05 - 00000579 _____ C:\Users\Kyuubei\Documents\dsfvdsfsdf.txt
2013-10-23 06:44 - 2013-10-23 06:42 - 197730583 _____ C:\Users\Kyuubei\Downloads\JaneEyre-48kb-Part1.m4b
2013-10-22 21:55 - 2012-04-09 16:59 - 00000000 ____D C:\Program Files (x86)\PaintTool SAI English Pack
2013-10-22 20:26 - 2013-10-20 21:14 - 00001542 _____ C:\Users\Kyuubei\Documents\userinfo.txt
2013-10-22 20:26 - 2012-12-11 18:27 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-10-22 20:26 - 2012-12-11 18:26 - 00000000 ____D C:\Program Files\Tablet
2013-10-22 20:26 - 2012-12-11 17:41 - 00000000 ____D C:\Program Files\TabletPlugins
2013-10-22 20:25 - 2013-10-22 20:25 - 38455200 _____ C:\Users\Kyuubei\Downloads\PenTablet_532-1.exe
2013-10-21 20:09 - 2012-02-05 00:07 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2013-10-19 09:21 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-19 09:08 - 2012-06-16 20:50 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-19 09:08 - 2012-06-16 20:50 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-19 09:05 - 2013-10-19 09:05 - 00000065 _____ C:\Users\Kyuubei\Documents\dfdsaf.txt
2013-10-19 09:05 - 2013-10-17 08:27 - 00010123 _____ C:\Users\Kyuubei\Documents\TAROT DAILY MASTER'.xlsx
2013-10-19 09:05 - 2012-05-21 15:39 - 00000132 _____ C:\Users\Kyuubei\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-16 20:52 - 2013-10-16 20:52 - 00058910 _____ C:\Users\Kyuubei\Downloads\Sound Horizon.torrent
2013-10-16 19:41 - 2013-01-29 08:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-16 19:41 - 2012-02-04 23:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-16 06:29 - 2012-06-16 20:50 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-16 06:29 - 2012-06-16 20:50 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 02:01 - 2012-02-04 23:29 - 00002155 _____ C:\Windows\epplauncher.mif
2013-10-16 02:00 - 2013-08-09 17:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 02:00 - 2013-08-09 17:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Users\Kyuubei\AppData\Local\Macroplant_LLC
2013-10-15 21:07 - 2013-10-15 21:07 - 00000000 ____D C:\Program Files (x86)\iExplorer
2013-10-15 21:07 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242 (1).exe
2013-10-15 21:06 - 2013-10-15 21:06 - 09674944 _____ (Macroplant LLC ) C:\Users\Kyuubei\Downloads\iExplorer_3_Setup_3242.exe
2013-10-14 23:02 - 2013-10-14 23:01 - 07020387 _____ C:\Users\Kyuubei\Downloads\DrawSomethingFree_v1.1.18.apk
2013-10-14 23:00 - 2013-10-14 23:00 - 01680752 _____ C:\Users\Kyuubei\Downloads\Draw Something - FULL - Premium - Android APK.exe
2013-10-14 20:59 - 2013-10-13 20:24 - 00005838 _____ C:\Users\Kyuubei\Documents\poemsmsm.txt
2013-10-14 08:19 - 2012-02-05 02:12 - 00000000 ____D C:\Users\Kyuubei\AppData\Roaming\mIRC
2013-10-14 07:23 - 2013-09-12 09:42 - 00014595 _____ C:\Users\Kyuubei\Documents\dskfjkldsf.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 01:35

==================== End Of Log ============================
  • 0

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Log looks clean now. Are you still seeing 100% CPU?
  • 0

#7
faburizu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
I am, actually. It just happened, and I wasn't even viewing thumbnails or anything. I had to end explorer.exe and then re-run the process.
  • 0

#8
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Let's see if it did any damage:


Right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does this finish without complaint? If it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run as Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.





Zero Access often attacks your anti-virus and Microsoft Security Essentials is very vulnerable. Let's uninstall it and install the free Avast:


http://www.avast.com/index
Click on Download then choose the free version.


(Uncheck the Chrome and Google Toolbars that they offer you and stick with the Basic free anti-virus)
Save the installer program.

Uninstall Microsoft Security Essentials (If you have problems uninstalling it see: http://support.micro....com/kb/2435760 )

Reboot

Install Avast. (Right click and Run As Admin)

Once you get it installed and it is updated then tonight while you sleep let's let it do a full boot-time scan. This can take 6 hours so I usually let it run while I sleep.

First mute the speakers so it won't wake you up when Windows loads. Click on the Orange ball. Click on Scans. Change Quickscan to Boot-time Scan. Click on Settings. Where it says Heuristic Sensitivity click on the last rectangle so that all of them are orange and it says High. Check both boxes. Then change When a threat is found ... to: Move to Chest. OK. Now click on Start. Close the Avast window and then reboot. The scan will start. It will tell you where it will save the report. Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.

When Windows loads click on the Orange Ball then Scan, then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report. If it found anything then open the aswBoot.txt file and copy and paste it. If you can't find it then take a screen shot of the Detailed Report:


Press the Alt + the Print Screen key on your keyboard. It may be labeled [PrtScn].

Open Microsoft Paint (All Programs, Accessories, Paint).

Go to the Edit menu and choose Paste (or just do Ctrl + v) and the image should appear.


Go to the File Menu and choose Save As.

Navigate to the folder where you want to save the image. (Desktop)

Type a file name for the image: Avast

Select a file type. jpeg

Click the Save button.

Attach Avast.jpg to your Reply.

(Start a Reply. Click on the Browse button, point it at your desktop and click on Avast.jpg then Open. Now click on Attach this File)
  • 0
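The findstr step in the post above keeps every line of cbs.log that contains [SR]. As an added example (not part of RKinner's post), this Python script applies the same filter and then groups the result into files SFC could not repair and files it restored from the store. The sample log lines are constructed, the function names are hypothetical, and only the two message forms shown in the sample are recognized.

```python
import re

# Constructed sample in the CBS.log layout. These lines are illustrative only;
# they do not come from the poster's machine.
SAMPLE_CBS_LOG = r'''
2013-11-13 23:05:12, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2013-11-13 23:05:12, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2013-11-13 23:05:13, Info                  CBS    Session: 12345_67890 initialized by client WindowsUpdateAgent.
2013-11-13 23:06:40, Info                  CSI    000001a3 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-11-13 23:06:41, Info                  CSI    000001a5 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-11-13 23:07:02, Info                  CSI    000001b0 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-11-13 23:07:30, Info                  CSI    000001c2 [SR] Repairing corrupted file [ml:520{260},l:56{28}]"\??\C:\Windows\System32\wbem"\[l:24{12}]"wbemdisp.tlb" from store
2013-11-13 23:09:55, Info                  CSI    000001f0 [SR] Verify complete
'''

# "Cannot repair member file <len-prefix>"name" of <component>, ..., <reason>"
CANNOT_REPAIR = re.compile(
    r'\[SR\] Cannot repair member file \S*?"([^"]+)" of ([^,]+),.*, ([^,]+)$'
)
# "Repairing corrupted file <dir>\<len-prefix>"name" from store"
REPAIRING = re.compile(r'\[SR\] Repairing corrupted file .*"([^"]+)" from store')


def sr_lines(log_text):
    """Same filter as findstr /c:"[SR]": keep lines containing the literal tag."""
    return [ln.strip() for ln in log_text.splitlines() if "[SR]" in ln]


def summarize(log_text):
    """Group [SR] lines into unrepairable files (deduplicated) and repaired files."""
    cannot_repair = {}   # file name -> component, reason, number of reports
    repaired = []        # file names restored from the component store
    lines = sr_lines(log_text)
    for ln in lines:
        m = CANNOT_REPAIR.search(ln)
        if m:
            name, component, reason = m.group(1), m.group(2).strip(), m.group(3).strip()
            entry = cannot_repair.setdefault(
                name, {"component": component, "reason": reason, "count": 0}
            )
            entry["count"] += 1   # the same file can be reported more than once
            continue
        m = REPAIRING.search(ln)
        if m and m.group(1) not in repaired:
            repaired.append(m.group(1))
    return {"sr_lines": len(lines), "cannot_repair": cannot_repair, "repaired": repaired}


if __name__ == "__main__":
    result = summarize(SAMPLE_CBS_LOG)
    print("[SR] lines:", result["sr_lines"])
    for name, info in result["cannot_repair"].items():
        print("NOT REPAIRED: %s (%s) - %s, reported %d time(s)"
              % (name, info["component"], info["reason"], info["count"]))
    for name in result["repaired"]:
        print("repaired from store:", name)
```

To use it on a real machine, read \windows\logs\cbs\cbs.log (or the junk.txt produced by the findstr command) and pass its text to summarize().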

#9
faburizu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Avast may or may not have run a boot-time scan. When I set it to run, and it rebooted, the computer would freeze mid-start-up. It froze when it said "please wait" as it listed the main .sys drivers being loaded. The first time it froze here, I was worried and manually rebooted. Then, I ran Avast again and went to bed. When I woke up, it was still frozen at the "please wait" screen. I manually rebooted again and logged into my computer. Upon opening the aswBoot.txt file, there was a report, but it was short and it looks like the scan may not have finished. I will post the report at the end after the two VEW logs.

VEW 1:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 13/11/2013 11:32:20 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/11/2013 4:26:12 AM
Type: Error Category: 0
Event: 20 Source: Microsoft-Windows-WHEA-Logger
A fatal hardware error has occurred. Component: AMD Northbridge Error Source: Machine Check Exception Error Type: Sync Error Processor ID: 0 The details view of this entry contains further information.

Log: 'System' Date/Time: 14/11/2013 4:25:51 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AMD FUEL Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AMD FUEL Service service to connect.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/11/2013 4:26:12 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_COMPACT_FLASH&REV_0.00#00000000000006&0#.

Log: 'System' Date/Time: 14/11/2013 3:16:39 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_COMPACT_FLASH&REV_0.00#00000000000006&0#.




VEW 2:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 13/11/2013 11:33:20 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 14/11/2013 4:30:52 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <csc://{S-1-5-21-3413043463-2710680305-634011025-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)


Log: 'Application' Date/Time: 14/11/2013 4:27:32 AM
Type: Warning Category: 3
Event: 3086 Source: Microsoft-Windows-Search
The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog


Log: 'Application' Date/Time: 14/11/2013 3:17:03 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
The content source <csc://{S-1-5-21-3413043463-2710680305-634011025-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)





AVAST:

11/13/2013 23:40
Scan of all local drives


----------------------------------------
11/13/2013 23:51
Scan of all local drives

File C:\Windows\AutoKMS\AutoKMS.exe is infected by Win32:PUP-gen [PUP]

Edited by faburizu, 14 November 2013 - 07:17 AM.


#10
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
This error:

Event: 20 Source: Microsoft-Windows-WHEA-Logger
A fatal hardware error has occurred. Component: AMD Northbridge Error Source: Machine Check Exception Error Type: Sync Error Processor ID: 0 The details view of this entry contains further information.


is not good. The only time when I can find someone with this error it was overheating. It appears you already have Speccy so:


Run Speccy. (Right-click and Run As Admin.) When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in Notepad and delete the line that gives the serial number of your Operating System. (It will be near the top, about 10 lines down.) Attach the file to your next post.

This will tell me the temps (as well as the condition of your hard drive), so make sure it has been on for a while before generating the Speccy log.

The other errors:

Log: 'System' Date/Time: 14/11/2013 4:25:51 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The AMD FUEL Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 14/11/2013 3:15:46 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the AMD FUEL Service service to connect.


are all related to your graphics driver so see if you have the latest driver:

http://support.amd.c...ftWindows7.aspx

If you have the latest then you may need to drop back to the previous driver (or reinstall the latest).


For the Search errors:

a. Go to Start > Control Panel.
b. Double click on the Indexing Options.
c. Click on the Advanced button.
d. Click on Restore Defaults.


#11
faburizu

    Member

  • Topic Starter
  • 35 posts
I updated my driver, but the search indexing had no 'restore' option. Did you mean rebuild?

Summary
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
CPU
AMD Athlon II X2 235 23 °C
Regor 45nm Technology
RAM
7.00 GB Dual-Channel DDR2 @ 334MHz (5-5-5-15)
Motherboard
eMachines MCP61PM-GM (CPU 1) 33 °C
Graphics
HP x20LED (1600x900@60Hz)
AMD Radeon HD 6670 (Gigabyte)
Hard Drives
186GB Western Digital WDC WD2000BB-00GUC0 ATA Device (PATA) 40 °C
466GB Western Digital WDC WD50 00AAVS-00G9B SCSI Disk Device (ATA)
Optical Drives
ASUS DRW-24B1ST SCSI CdRom Device
Audio
Realtek High Definition Audio
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
Computer type: Desktop
Installation Date : 2012/02/05 12:04:18 AM
Serial Number:
Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Enabled
Company Name AVAST Software
Display Name avast! Antivirus
Product Version 9.0.2008
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 10.0.9200.16736
PowerShell
Version 2.0
Java
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre6\bin\java.exe
Version 6.0
Update 30
Build 12
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 17
Build 02
Environment Variables
USERPROFILE C:\Users\Kyuubei
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Kyuubei\AppData\Local\Temp
TMP C:\Users\Kyuubei\AppData\Local\Temp
UD_DISABLE_USAGE_TRACKING 1
MOZ_PLUGIN_PATH C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files (x86)\AMD APP\bin\x86_64
C:\Program Files (x86)\AMD APP\bin\x86
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files (x86)\Calibre2
C:\Program Files (x86)\Common Files\Acronis\SnapAPI
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 2
PROCESSOR_LEVEL 16
PROCESSOR_IDENTIFIER AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
PROCESSOR_REVISION 0602
asl.log Destination=file
UD_DISABLE_USAGE_TRACKING 1
UD_INSTALL_DIR C:\Windows\UltraDefrag
AMDAPPSDKROOT C:\Program Files (x86)\AMD APP\
CLASSPATH .;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
QTJAVA C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
Power Profile
Active power scheme Balanced
Hibernation Disabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) 20 min
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 2013/11/14 11:17:16 AM
Current Uptime 9,485 sec (0 d, 02 h, 38 m, 05 s)
Last Boot Time 2013/11/14 8:39:11 AM
TimeZone
TimeZone GMT -5:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format yyyy/MM/dd
Time Format h:mm:ss tt
Scheduler
2013/11/14 11:09 AM; GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000UA
2013/11/14 10:09 PM; GoogleUpdateTaskUserS-1-5-21-3413043463-2710680305-634011025-1000Core
Adobe Flash Player Updater
AutoKMS
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
launchspotflux
Process List
acrotray.exe
Process ID 4056
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
Memory Usage 5.52 MB
Peak Memory Usage 5.54 MB
applemobiledeviceservice.exe
Process ID 1996
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 9.21 MB
Peak Memory Usage 9.27 MB
atieclxx.exe
Process ID 4084
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 7.17 MB
Peak Memory Usage 7.17 MB
atiesrxx.exe
Process ID 1004
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.16 MB
Peak Memory Usage 4.20 MB
audiodg.exe
Process ID 3824
avastsvc.exe
Process ID 1448
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 14 MB
Peak Memory Usage 71 MB
avastui.exe
Process ID 3496
User Kyuubei
Domain Meguca
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 15 MB
Peak Memory Usage 22 MB
ccc.exe
Process ID 3388
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 4.55 MB
Peak Memory Usage 113MB
chrome.exe
Process ID 4508
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 94 MB
Peak Memory Usage 128MB
chrome.exe
Process ID 4468
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 108MB
Peak Memory Usage 143MB
chrome.exe
Process ID 3272
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 69 MB
Peak Memory Usage 69 MB
chrome.exe
Process ID 4736
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 98 MB
Peak Memory Usage 145MB
chrome.exe
Process ID 4620
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 49 MB
Peak Memory Usage 50 MB
chrome.exe
Process ID 4796
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 131MB
Peak Memory Usage 133MB
chrome.exe
Process ID 1336
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 60 MB
Peak Memory Usage 73 MB
chrome.exe
Process ID 4048
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 69 MB
Peak Memory Usage 100MB
chrome.exe
Process ID 4784
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 47 MB
Peak Memory Usage 47 MB
chrome.exe
Process ID 4776
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 56 MB
Peak Memory Usage 66 MB
chrome.exe
Process ID 4764
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 104MB
Peak Memory Usage 171MB
chrome.exe
Process ID 4292
User Kyuubei
Domain Meguca
Path C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 179MB
Peak Memory Usage 202MB
csrss.exe
Process ID 556
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.57 MB
Peak Memory Usage 4.57 MB
csrss.exe
Process ID 636
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
cuitx4.exe
Process ID 2588
User Kyuubei
Domain Meguca
Path C:\CUITX4\CUITX4.exe
Memory Usage 9.71 MB
Peak Memory Usage 9.72 MB
dllhost.exe
Process ID 5580
User Kyuubei
Domain Meguca
Path C:\Windows\system32\DllHost.exe
Memory Usage 7.22 MB
Peak Memory Usage 7.22 MB
dwm.exe
Process ID 2764
User Kyuubei
Domain Meguca
Path C:\Windows\system32\Dwm.exe
Memory Usage 4.66 MB
Peak Memory Usage 34 MB
explorer.exe
Process ID 2584
User Kyuubei
Domain Meguca
Path C:\Windows\Explorer.EXE
Memory Usage 59 MB
Peak Memory Usage 62 MB
fuel.service.exe
Process ID 1964
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Memory Usage 5.60 MB
Peak Memory Usage 7.34 MB
googlecrashhandler.exe
Process ID 3660
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
Memory Usage 528KB
Peak Memory Usage 4.38 MB
googlecrashhandler64.exe
Process ID 3732
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
Memory Usage 528KB
Peak Memory Usage 4.46 MB
googleupdate.exe
Process ID 3684
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Memory Usage 668KB
Peak Memory Usage 6.30 MB
lmiguardiansvc.exe
Process ID 1648
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
Memory Usage 6.76 MB
Peak Memory Usage 6.79 MB
logmein.exe
Process ID 2352
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
Memory Usage 41 MB
Peak Memory Usage 41 MB
logmein.exe
Process ID 1552
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
Memory Usage 29 MB
Peak Memory Usage 34 MB
logmeinsystray.exe
Process ID 3704
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
Memory Usage 12 MB
Peak Memory Usage 14 MB
lsass.exe
Process ID 744
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
lsm.exe
Process ID 752
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.14 MB
Peak Memory Usage 4.16 MB
mdnsresponder.exe
Process ID 2044
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 5.43 MB
Peak Memory Usage 5.43 MB
minibin.exe
Process ID 2112
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\MiniBin\minibin.exe
Memory Usage 6.86 MB
Peak Memory Usage 6.86 MB
mom.exe
Process ID 1532
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 4.20 MB
Peak Memory Usage 28 MB
pen_tablet.exe
Process ID 1456
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Tablet\Pen\Pen_Tablet.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
pen_tabletuser.exe
Process ID 1616
User Kyuubei
Domain Meguca
Path C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
Memory Usage 5.25 MB
Peak Memory Usage 5.29 MB
pen_touchuser.exe
Process ID 3536
User Kyuubei
Domain Meguca
Path C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
ramaint.exe
Process ID 1680
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
Memory Usage 4.60 MB
Peak Memory Usage 4.62 MB
searchindexer.exe
Process ID 3248
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 13 MB
Peak Memory Usage 15 MB
services.exe
Process ID 684
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 10 MB
Peak Memory Usage 15 MB
smss.exe
Process ID 412
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.08 MB
Peak Memory Usage 1.11 MB
speccy64.exe
Process ID 5396
User Kyuubei
Domain Meguca
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 39 MB
Peak Memory Usage 41 MB
spoolsv.exe
Process ID 1752
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 22 MB
Peak Memory Usage 30 MB
svchost.exe
Process ID 860
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.48 MB
Peak Memory Usage 9.80 MB
svchost.exe
Process ID 956
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.86 MB
Peak Memory Usage 7.89 MB
svchost.exe
Process ID 464
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 2900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.95 MB
Peak Memory Usage 7.98 MB
svchost.exe
Process ID 620
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 187MB
Peak Memory Usage 207MB
svchost.exe
Process ID 748
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 2292
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 26 MB
Peak Memory Usage 61 MB
svchost.exe
Process ID 1496
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\svchost.exe
Memory Usage 5.98 MB
Peak Memory Usage 6.07 MB
svchost.exe
Process ID 1200
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.67 MB
Peak Memory Usage 8.75 MB
svchost.exe
Process ID 1788
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 112MB
svchost.exe
Process ID 1052
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 50 MB
Peak Memory Usage 690MB
svchost.exe
Process ID 1372
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 3376
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.46 MB
Peak Memory Usage 6.46 MB
system
Process ID 4
system idle process
Process ID 0
taskhost.exe
Process ID 2100
User Kyuubei
Domain Meguca
Path C:\Windows\system32\taskhost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
tcpsvcs.exe
Process ID 2120
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\tcpsvcs.exe
Memory Usage 4.50 MB
Peak Memory Usage 4.54 MB
utorrent.exe
Process ID 1300
User Kyuubei
Domain Meguca
Path C:\Program Files (x86)\uTorrent\uTorrent.exe
Memory Usage 57 MB
Peak Memory Usage 60 MB
wacomhost.exe
Process ID 3048
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Tablet\Pen\WacomHost.exe
Memory Usage 5.80 MB
Peak Memory Usage 6.61 MB
wininit.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.40 MB
Peak Memory Usage 4.48 MB
winlogon.exe
Process ID 716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.03 MB
Peak Memory Usage 8.25 MB
wmiapsrv.exe
Process ID 1568
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 5.86 MB
Peak Memory Usage 5.86 MB
wmiprvse.exe
Process ID 5104
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
wmiprvse.exe
Process ID 4996
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 28 MB
Peak Memory Usage 28 MB
wmiprvse.exe
Process ID 2432
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 8.68 MB
Peak Memory Usage 8.88 MB
wtabletservicecon.exe
Process ID 1320
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
Memory Usage 4.73 MB
Peak Memory Usage 4.87 MB
wuauclt.exe
Process ID 5044
User Kyuubei
Domain Meguca
Path C:\Windows\system32\wuauclt.exe
Memory Usage 6.07 MB
Peak Memory Usage 6.14 MB
wudfhost.exe
Process ID 1888
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 6.00 MB
Peak Memory Usage 6.02 MB
Hotfixes
2013/11/14 Definition Update for Windows Defender - KB915597 (Definition 1.161.1906.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2013/11/14 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2888505)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Security Update for Windows 7 for x64-based Systems (KB2868626)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
2013/11/14 Security Update for Windows 7 for x64-based Systems (KB2875783)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2900986)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Update for Windows 7 for x64-based Systems (KB2893519)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/11/14 Security Update for Windows 7 for x64-based Systems (KB2868725)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Windows Malicious Software Removal Tool x64 - November 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/11/14 Security Update for Windows 7 for x64-based Systems (KB2876331)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/14 Security Update for Windows 7 for x64-based Systems (KB2862152)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/11/13 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1990.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/12 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1896.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/11 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1834.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/10 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1803.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/10 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1798.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/09 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1745.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/07 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1624.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/06 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1547.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/05 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1453.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/04 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1375.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/03 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1332.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/03 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1325.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/02 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1273.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/11/01 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1207.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/31 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1109.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/30 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1037.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/29 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.947.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/28 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.859.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/27 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.825.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/26 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.766.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/25 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.683.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/24 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.583.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/22 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.426.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/21 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.328.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/20 Security Update for Windows 7 for x64-based Systems (KB2862330)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/19 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.244.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/18 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.150.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/17 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.67.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/16 Update for Microsoft Security Essentials - KB2866337 (4.3.219.0)
This package will update Microsoft Security Essentials client
on the user's machine.
2013/10/15 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/14 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2127.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/13 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2102.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/12 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2054.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/11 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1955.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/11 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2864058)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2884256)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2847311)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2864202)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Microsoft Silverlight (KB2890788)
This security update to Silverlight includes fixes outlined in
KB 2890788. This update is backward compatible with web applications
built using previous versions of Silverlight.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2868038)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2862335)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Update for Windows 7 for x64-based Systems (KB2846960)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/10/11 Update for Windows 7 for x64-based Systems (KB2888049)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2883150)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Update for Windows 7 for x64-based Systems (KB2882822)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/10/11 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Windows Malicious Software Removal Tool x64 - October 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/10/11 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/10/11 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Security Update for Windows 7 for x64-based Systems (KB2876284)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/10/11 Update for Windows 7 for x64-based Systems (KB2852386)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/10/10 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1865.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/09 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1788.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/08 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1697.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/07 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1596.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/06 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1547.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/05 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1503.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/04 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1409.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/03 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1315.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/02 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1192.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/10/01 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1110.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/30 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1016.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/29 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.988.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/28 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.940.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/27 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.851.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/26 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.760.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/25 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.663.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/24 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.573.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/23 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.480.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/22 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.444.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/21 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.393.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/20 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.324.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/19 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.230.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/18 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.148.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/17 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.58.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/16 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.2001.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/15 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1963.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/14 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1922.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/13 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1851.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/12 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2870699)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/09/12 Windows Malicious Software Removal Tool x64 - September 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/09/12 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
2013/09/12 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/09/12 Update for Windows 7 for x64-based Systems (KB2853952)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/09/12 Security Update for Windows 7 for x64-based Systems (KB2872339)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/09/12 Security Update for Windows 7 for x64-based Systems (KB2876315)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/09/12 Update for Windows 7 for x64-based Systems (KB2868116)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/09/12 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/09/12 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1739.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/10 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1620.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/09 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1523.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/08 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1462.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/08 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1446.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/07 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1418.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/06 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1352.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/05 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1248.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/04 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1127.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/03 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.1049.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/09/01 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.919.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/31 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.877.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/30 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.801.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/29 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.713.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/28 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.617.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/28 Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
2013/08/27 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.530.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/26 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.426.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/25 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.371.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/24 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.330.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/23 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.260.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/22 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.164.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/21 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.109.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/20 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.157.4.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/19 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2561.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/18 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2526.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/17 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2454.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/16 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2386.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2862966)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2862772)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Update for Windows 7 for x64-based Systems (KB2863058)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/08/15 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2849470)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Windows Malicious Software Removal Tool x64 - August 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2859537)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2861855)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/15 Security Update for Windows 7 for x64-based Systems (KB2868623)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/14 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2225.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/13 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2132.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/12 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.2034.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/11 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.155.1994.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/08/10 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2845690)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Windows Malicious Software Removal Tool x64 - July 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2847927)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2845187)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2803821)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2846071)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2835393)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2839894)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2850851)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Update for Windows 7 for x64-based Systems (KB2808679)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2835364)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Update for Windows 7 for x64-based Systems (KB2836502)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2813430)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2834886)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Security Update for Windows 7 for x64-based Systems (KB2835361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/08/10 Update for Windows 7 for x64-based Systems (KB2834140)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/07/29 Security Update for Microsoft Silverlight (KB2847559)
This security update to Silverlight includes fixes outlined in
KB 2847559. This update is backward compatible with web applications
built using previous versions of Silverlight.
2013/06/29 Security Update for Windows 7 for x64-based Systems (KB2845690)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/06/29 Broadcom - Bus Controllers and Ports - Broadcom 2046 Bluetooth 2.1+EDR USB Dongle with First Connect
Broadcom Bus Controllers and Ports software update released in
February, 2008
2013/06/29 Update for Windows 7 for x64-based Systems (KB2709981)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Update for Windows 7 for x64-based Systems (KB2574819)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Update for Windows 7 for x64-based Systems (KB2592687)
The Remote Desktop Protocol 8.0 update enables you to use the
new Remote Desktop Services features. These features are introduced
in Windows 8 and in Windows Server 2012 and are available for
computers that are running Windows 7 Service Pack 1 or Windows
Server 2008 R2 Service Pack 1. After you install this item, you
may have to restart your computer.
2013/06/29 Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Windows Malicious Software Removal Tool x64 - June 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2013/06/29 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2838727)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/06/29 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Security Update for Windows 7 for x64-based Systems (KB2839894)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/06/29 Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2859903)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Update for Windows 7 for x64-based Systems (KB2808679)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Update for Windows 7 for x64-based Systems (KB2836502)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/06/29 Security Update for Windows 7 for x64-based Systems (KB2813430)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/06/29 Update for Windows 7 for x64-based Systems (KB2834140)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/05/26 Security Update for Windows 7 for x64-based Systems (KB2830290)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Security Update for Windows 7 for x64-based Systems (KB2813347)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Update for Windows 7 for x64-based Systems (KB2820331)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
2013/05/26 Update for Windows 7 for x64-based Systems (KB2798162)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/05/26 Update for Windows 7 for x64-based Systems (KB2813956)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/05/26 Security Update for Windows 7 for x64-based Systems (KB2840149)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Internet Explorer 10 for Windows 7 for x64-based Systems
Internet Explorer 10 is fast and fluid, and lets your websites
shine and perform just like native apps on your PC.
Internet
Explorer 10. Fast and fluid for Windows 7.
• Fast. Internet
Explorer 10 harnesses the untapped power of your PC, delivering
pages full of vivid graphics, smoother video, and interactive
content.
• Easy. Experience the web the way you want to with
pinned sites, built-in Spellcheck, and seamless integration with
your PC running Windows 7.
• Safer. Improved features like SmartScreen
Filter and Tracking Protection let you be more aware of threats
to your PC and your privacy.
2013/05/26 Security Update for Windows 7 for x64-based Systems (KB2829361)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Update for Windows 7 for x64-based Systems (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
2013/05/26 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
2013/05/26 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2847204)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Update for Windows 7 for x64-based Systems (KB2791765)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
2013/05/26 Definition Update for Windows Defender - KB915597 (Definition 1.151.798.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2013/05/26 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2829530)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
2013/05/26 Security Update for Microsoft Silverlight (KB2814124)
This security update to Silverlight includes fixes outlined in
KB 2814124. This update is backward compatible with web applications
built using previous versions of Silverlight.
2013/05/26 Update for Windows 7 for x64-based Systems (KB2799926)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2013/05/26 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
2013/05/26 Security Update for Windows 7 for x64-based Systems (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/05/26 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2820197)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
2013/04/08 Update for Windows 7 for x64-based Systems (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
2013/04/08 Security Update for Windows 7 for x64-based Systems (KB2807986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2013/04/08 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
2013/04/08 Update for Windows 7 for x64-based Systems (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
2013/04/08 Update for Windows 7 for x64-based Systems (KB2791765)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
2013/04/08 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2809289)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2013/04/08 Security Update for Microsoft Silverlight (KB2814124)
This security update to Silverlight includes fixes outlined in
KB 2814124. This update is backward compatible with web applications
built using previous versions of Silverlight.
2013/04/07 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1251.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/07 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1246.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/06 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1205.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/05 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1105.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/04 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1017.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/03 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.933.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/02 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.868.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/04/01 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.815.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/31 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.783.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/31 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.781.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/30 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.746.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/29 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.700.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/28 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.626.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/27 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.552.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/26 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.471.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/25 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.385.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/24 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.356.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/24 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.354.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/23 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.305.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/22 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.212.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/21 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.139.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/20 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.40.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2013/03/19 Security Update for Windows 7 for x64-based Systems (KB2807986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
System Folders
Path for burning CD C:\Users\Kyuubei\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Kyuubei\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Kyuubei\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Kyuubei\Desktop
Physical Desktop C:\Users\Kyuubei\Desktop
User Favorites C:\Users\Kyuubei\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Kyuubei\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Kyuubei\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Kyuubei\AppData\Local
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Services
Running AMD External Events Utility
Running AMD FUEL Service
Running Apple Mobile Device
Running Application Experience
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running COM+ Event System
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Encrypting File System (EFS)
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP CUE DeviceDiscovery Service
Running HP Network Devices Support
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running LMIGuardianSvc
Running LogMeIn
Running LogMeIn Maintenance Service
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Simple TCP/IP Services
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running User Profile Service
Running Wacom Consumer Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Windows Update
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Acrobat Update Service
Stopped Adobe Flash Player Update Service
Stopped Adobe LM Service
Stopped Adobe SwitchBoard
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped Arc Service
Stopped ASP.NET State Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped BranchCache
Stopped Certificate Propagation
Stopped CNG Key Isolation
Stopped COM+ System Application
Stopped Computer Browser
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped FLEXnet Licensing Service
Stopped Function Discovery Provider Host
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped hpqcxs08
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped iPod Service
Stopped IPsec Policy Agent
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Mozilla Maintenance Service
Stopped Net Driver HPZ12
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Office Software Protection Platform
Stopped Offline Files
Stopped PandoraService
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped Pml Driver HPZ12
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped SAS Core Service
Stopped Skype Updater
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WD Drive Manager Service
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Image Acquisition (WIA)
Stopped Windows Installer
Stopped Windows Live ID Sign-in Assistant
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WLAN AutoConfig
Stopped WWAN AutoConfig
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Disabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
AMD Athlon II X2 235e Processor
AMD Athlon II X2 235e Processor
System board
ACPI Power Button
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
PCI standard RAM Controller
NVIDIA nForce PCI System Management
PCI standard RAM Controller
NVIDIA nForce 10/100 Mbps Ethernet
NVIDIA nForce Serial ATA Controller
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
Motherboard resources
PCI standard ISA bridge
Programmable interrupt controller
Direct memory access controller
System timer
System CMOS/real time clock
System speaker
Numeric data processor
Motherboard resources
High precision event timer
Motherboard resources
Standard PS/2 Keyboard
Microsoft PS/2 Mouse
Motherboard resources
Standard OpenHCD USB Host Controller
USB Root Hub
USB Input Device
HID-compliant mouse
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
Generic Compact Flash USB Device
Generic SD/MMC USB Device
Generic microSD USB Device
Generic MS/MS-PRO USB Device
Generic SM/xD-Picture USB Device
USB Mass Storage Device
WD My Book 1130 USB Device
WD SES Device
PCI standard PCI-to-PCI bridge
VIA 1394 OHCI Compliant Host Controller
VIA Rev 5 or later USB Universal Host Controller
USB Root Hub
VIA Rev 5 or later USB Universal Host Controller
USB Root Hub
VIA USB Enhanced Host Controller
USB Root Hub
High Definition Audio Controller
Realtek High Definition Audio
Standard Dual Channel PCI IDE Controller
ATA Channel 1
ATA Channel 0
WDC WD2000BB-00GUC0 ATA Device
NVIDIA nForce Serial ATA Controller
WDC WD50 00AAVS-00G9B SCSI Disk Device
ASUS DRW-24B1ST SCSI CdRom Device
PCI standard PCI-to-PCI bridge
AMD Radeon HD 6670
HP x20LED Series Wide LCD Monitor
High Definition Audio Controller
AMD High Definition Audio Device
CPU
AMD Athlon II X2 235
Cores 2
Threads 2
Name AMD Athlon II X2 235
Code Name Regor
Package Socket AM3 (938)
Technology 45nm
Specification AMD Athlon II X2 235e Processor
Family F
Extended Family 10
Model 6
Extended Model 6
Stepping 2
Revision DA-C2
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64
Virtualization Supported, Enabled
Hyperthreading Not supported
Fan Speed 1061 RPM
Bus Speed 188.6 MHz
Rated Bus Speed 754.4 MHz
Stock Core Speed 2700 MHz
Stock Bus Speed 200 MHz
Average Temperature 23 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 1024 KBytes
Core 0
Core Speed 754.4 MHz
Multiplier x 4.0
Bus Speed 188.6 MHz
Rated Bus Speed 754.4 MHz
Temperature 23 °C
Thread 1
APIC ID 0
Core 1
Core Speed 754.4 MHz
Multiplier x 4.0
Bus Speed 188.6 MHz
Rated Bus Speed 754.4 MHz
Temperature 23 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 4
Used memory slots 4
Free memory slots 0
Memory
Type DDR2
Size 7168 MBytes
Channels # Dual
DRAM Frequency 314.3 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 20 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 32 %
Total Physical 7.00 GB
Available Physical 4.72 GB
Total Virtual 8.00 GB
Available Virtual 5.23 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR2
Size 2048 MBytes
Manufacturer Team Group Inc.
Max Bandwidth PC2-6400 (400 MHz)
Part Number Team-Elite-800
Week/year 17 / 12
SPD Ext. EPP
JEDEC #2
Frequency 400.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 15
tRC 23
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 10
tRC 16
Voltage 1.800 V
Slot #2
Type DDR2
Size 2048 MBytes
Manufacturer Unknown
Max Bandwidth PC2-6400 (400 MHz)
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 18
tRC 23
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #3
Type DDR2
Size 2048 MBytes
Manufacturer Unknown
Max Bandwidth PC2-6400 (400 MHz)
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 18
tRC 23
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #4
Type DDR2
Size 1024 MBytes
Manufacturer Unknown
Max Bandwidth PC2-6400 (400 MHz)
Part Number GU341G0ALEPR6B2C6F
Week/year 38 / 09
SPD Ext. EPP
JEDEC #3
Frequency 400.0 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.800 V
JEDEC #2
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 15
tRC 20
Voltage 1.800 V
JEDEC #1
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
Motherboard
Manufacturer eMachines
Model MCP61PM-GM (CPU 1)
Chipset Vendor NVIDIA
Chipset Model MCP61
Chipset Revision A3
Southbridge Vendor NVIDIA
Southbridge Model MCP61
Southbridge Revision A2
System Temperature 33 °C
BIOS
Brand AMI
Version P01-A0
Date 2009/08/13
Voltage
CPU CORE 1.296 V
MEMORY CONTROLLER 2.496 V
+3.3V 3.552 V
+5V 5.699 V
+12V 12.032 V
-5V (4.608) V
-12V (11.776) V
+5V HIGH THRESHOLD 4.865 V
CMOS BATTERY 3.248 V
PCI Data
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE
Slot Number 0
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE
Slot Number 2
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI2
Slot Number 3
Graphics
Monitor
Name HP x20LED on AMD Radeon HD 6670
Current Resolution 1600x900 pixels
Work Resolution 1600x870 pixels
State enabled, primary, output devices support
Monitor Width 1600
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
AMD Radeon HD 6670
GPU Turks
Device ID 1002-6758
Subvendor Gigabyte (1458)
Current Performance Level Level 1
Voltage 0.900 V
Die Size 118 mm²
Release Date Apr 19, 2011
DirectX Support 11.0
DirectX Shader Model 5.0
OpenGL Support 4.2
GPU Clock 0.0 MHz
Bios Core Clock 100.00
Bios Mem Clock 150.00
Driver version 12.104.0.0
BIOS Version 113-xxx-xxx
ROPs 32
Shaders 480 unified
Memory Type DDR3
Bus Width 64x2 (128 bit)
Noise Level Quiet
Max Power Draw 66 Watts
Count of performance levels : 1
Level 1
OpenGL
Version 4.2.12217 Compatibility Profile Context 12.104.0.0
Vendor ATI Technologies Inc.
Renderer AMD Radeon HD 6670
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 16384
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
Hard Drives
WDC WD2000BB-00GUC0 ATA Device
Manufacturer Western Digital
Business Unit/Brand Enterprise/WD RE3; WD RE2 (3-platter)
Heads 16
Cylinders 16,383
Device type Fixed
ATA Standard ATA/ATAPI-6
Serial Number WD-WCAL78633726
LBA Size 48-bit LBA
Power On Count 1651 times
Power On Time 898.8 days
Features S.M.A.R.T., AAM
Transfer Mode Ultra DMA/100
Interface PATA
Capacity 186GB
Real size 200,049,647,616 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200 worst) Data 0000000000
03 Spin-Up Time 155 (123) Data 00000012A7
04 Start/Stop Count 099 (099) Data 00000007B5
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 071 (071) Data 0000005442
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 0000000673
C2 Temperature 110 (081) Data 0000000028
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000000
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (253) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000000
Temperature 40 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number A0AC6CF0
Size 186GB
Used Space 134GB (72%)
Free Space 52GB (28%)
WDC WD50 00AAVS-00G9B SCSI Disk Device
Manufacturer Western Digital
Business Unit/Brand Desktop/WD Caviar
RPM/Buffer Size or Attribute 5400 RPM with 8 MB cache (Mobile)
Interface/Connector SATA 3 Gb/s with 22-pin SATA connector/SATA 1.5 Gb/s with 22-pin SATA connector (Mobile)
Interface ATA
Capacity 466GB
Real size 500,107,862,016 bytes
RAID Type None
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #1, Partition #0
Size 100 MB
Partition 1
Partition ID Disk #1, Partition #1
Disk Letter D:
File System NTFS
Volume Serial Number 70DFF484
Size 466GB
Used Space 390GB (84%)
Free Space 75GB (16%)
Optical Drives
ASUS DRW-24B1ST SCSI CdRom Device
Media Type DVD Writer
Name ASUS DRW-24B1ST SCSI CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 3
SCSI Target Id 1
Status OK
Audio
Sound Cards
Screaming Bee Audio
ManyCam Virtual Microphone
AMD High Definition Audio Device
Realtek High Definition Audio
Playback Device
Speakers (Realtek High Definition Audio)
Recording Devices
Aux (Realtek High Definition Audio)
Microphone (Screaming Bee Audio) (default)
Microphone (ManyCam Virtual Microphone)
Speaker Configuration
Speaker type Stereo
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Microsoft PS/2 Mouse
Device Kind Mouse
Device Name Microsoft PS/2 Mouse
Vendor Microsoft
Location plugged into PS/2 mouse port
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor PixArt Imaging
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Photosmart C4700 series
Device Kind Camera/scanner
Device Name Photosmart C4700 series
Vendor HP
Location ip:192.168.42.142,subnet:192.168.42.0/24
Driver
Date 12-10-2008
Version 8.0.0.0
File \SystemRoot\system32\drivers\serscan.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic microSD USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor WD
Comment WD My Book 1130 USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic MS/MS-PRO USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic SD/MMC USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic SM/xD-Picture USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic Compact Flash USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
SM/xD-Picture
Device Kind Portable Device
Device Name SM/xD-Picture
Vendor GENERIC
Comment K:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File system32\DRIVERS\WUDFRd.sys
Compact Flash
Device Kind Portable Device
Device Name Compact Flash
Vendor GENERIC
Comment G:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File system32\DRIVERS\WUDFRd.sys
microSD
Device Kind Portable Device
Device Name microSD
Vendor GENERIC
Comment I:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File system32\DRIVERS\WUDFRd.sys
MS/MS-PRO
Device Kind Portable Device
Device Name MS/MS-PRO
Vendor GENERIC
Comment J:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File system32\DRIVERS\WUDFRd.sys
SD/MMC
Device Kind Portable Device
Device Name SD/MMC
Vendor GENERIC
Comment H:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File system32\DRIVERS\WUDFRd.sys
Printers
Adobe PDF
Printer Port Documents\*.pdf
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 1200 * 1200 dpi Color
Status Unknown
Driver
Driver Name Adobe PDF Converter (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
Foxit Reader PDF Printer
Printer Port FOXIT_Reader:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Foxit Reader PDF Printer Driver (v4.01)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\frdvpr_drv.dll
HP Photosmart C4700 series
Share Name HP Photosmart C4700 series
Printer Port HP_192.168.1.2_CN07UM217205HD
Print Processor hpfpp70v
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C4700 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
HP Photosmart C4700 series (Copy 1) (Default Printer)
Printer Port USB001
Print Processor hpfpp70v
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C4700 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
PDFCreator
Printer Port PDFCreator:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name PDFCreator (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
Network
You are connected to the internet
Connected through NVIDIA nForce 10/100 Mbps Ethernet
IP Address 192.168.1.4
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 68.197.117.80
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 20.5 KBps
Computer Name
NetBIOS Name MEGUCA
DNS Name Meguca
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain Meguca
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Spotflux Virtual Network Device Driver
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
NVIDIA nForce 10/100 Mbps Ethernet
IP Address 192.168.1.4
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
D D:\
K K:\
E E:\
TORRENTS D:\TORRENTS
Current TCP Connections
AppleMobileDeviceService.exe (1996)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:49156 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
AvastSvc.exe (1448)
Local 0.0.0.0:12563 LISTEN
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:27275 LISTEN
Local 192.168.1.4:49162 ESTABLISHED Remote 77.234.41.53:80 (Querying... ) (HTTP)
Local 0.0.0.0:12025 LISTEN
Local 0.0.0.0:12110 LISTEN
Local 0.0.0.0:12119 LISTEN
Local 0.0.0.0:12143 LISTEN
Local 0.0.0.0:12465 LISTEN
Local 192.168.1.4:50845 ESTABLISHED Remote 173.194.43.19:80 (Querying... ) (HTTP)
Local 0.0.0.0:12993 LISTEN
Local 0.0.0.0:12995 LISTEN
Local 0.0.0.0:27275 LISTEN
Local 127.0.0.1:12025 LISTEN
Local 127.0.0.1:12080 LISTEN
Local 127.0.0.1:12080 ESTABLISHED Remote 127.0.0.1:50844 (Querying... )
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12465 LISTEN
Local 127.0.0.1:12563 LISTEN
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (3704)
Local 127.0.0.1:49178 ESTABLISHED Remote 127.0.0.1:2002 (Querying... )
C:\Program Files (x86)\uTorrent\uTorrent.exe (1300)
Local 127.0.0.1:10000 LISTEN
Local 0.0.0.0:48603 LISTEN
C:\Program Files\AVAST Software\Avast\AvastUI.exe (3496)
Local 192.168.1.4:50092 CLOSE-WAIT Remote 167.206.145.40:80 (Querying... ) (HTTP)
C:\Users\Kyuubei\AppData\Local\Google\Chrome\Application\chrome.exe (4292)
Local 127.0.0.1:50844 ESTABLISHED Remote 127.0.0.1:12080 (Querying... )
Local 192.168.1.4:50528 ESTABLISHED Remote 204.154.94.81:443 (Querying... ) (HTTPS)
LogMeIn.exe (2352)
Local 0.0.0.0:2002 LISTEN
Local 192.168.1.4:49158 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50771 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50773 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50774 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50837 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50839 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 127.0.0.1:2002 ESTABLISHED Remote 127.0.0.1:49178 (Querying... )
Local 192.168.1.4:50772 ESTABLISHED Remote 64.94.18.162:443 (Querying... ) (HTTPS)
System Process
Local 192.168.1.4:50840 TIME-WAIT Remote 64.94.18.162:443 (Querying... ) (HTTPS)
Local 192.168.1.4:50848 TIME-WAIT Remote 188.121.41.119:80 (Querying... ) (HTTP)
System Process
Local 192.168.1.4:49177 ESTABLISHED Remote 192.168.1.2:445 (Querying... ) (Windows shares)
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.4:139 (NetBIOS session service) LISTEN
Local 0.0.0.0:5357 LISTEN
TCPSVCS.EXE (2120)
Local 0.0.0.0:9 LISTEN
Local 0.0.0.0:13 LISTEN
Local 0.0.0.0:17 LISTEN
Local 0.0.0.0:19 LISTEN
Local 0.0.0.0:7 LISTEN
lsass.exe (744)
Local 0.0.0.0:49154 LISTEN
mDNSResponder.exe (2044)
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:49156 (Querying... )
Local 127.0.0.1:5354 LISTEN
services.exe (684)
Local 0.0.0.0:49159 LISTEN
svchost.exe (1052)
Local 0.0.0.0:49155 LISTEN
svchost.exe (464)
Local 0.0.0.0:49153 LISTEN
svchost.exe (956)
Local 0.0.0.0:135 (DCE) LISTEN
wininit.exe (624)
Local 0.0.0.0:49152 LISTEN

Edited by RKinner, 14 November 2013 - 11:27 AM.

  • 0

#12
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I updated my driver, but the search indexing had no 'restore' option. Did you mean rebuild?


Probably. I copied it from a Microsoft site but it might have been a bit out of date.

You really should uninstall:

Java Runtime Environment
Path C:\Program Files (x86)\Java\jre6\bin\java.exe
Version 6.0
Update 30
Build 12
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 17
Build 02

They are out of date and dangerous. Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the Yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)


I would go to the PC Maker's website and see if they have a new BIOS and/or Chipset software. Would not hurt to also update your video at the same time. If you are not comfortable with the website, give me the PC make and model and I will look for you.

Your temps look suspiciously low. Get Speedfan:

Try speedfan
http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

It will tell you your temps in real time. Leave it up while you do a scan or watch a video and see if things get hot.
  • 0

#13
faburizu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Okay, Java is uninstalled. I already have Speedfan so I ran it while watching a YouTube video in 1080p and none of the temps got any higher than 49 and even that one was at least 10 degrees higher than the rest. I have an eMachines computer and there is no new BIOS/chipset driver.

I opened up a folder of pictures, and my CPU is at 100 again. Should I run a particular test WHILE my CPU is like this, to see if it's malware? (If so, the scan will probably take 10x as long to complete). If not (and I did suspect that this problem may not be due to malware, but what else could it be?), what do you think my next step might be? It's incredibly annoying to be searching for a particular photo on my computer only to be completely slowed down to a crawl until I start and re-start explorer.

Thank you so much for all of your help thus far.

Edit: I forgot to add, pressing ctrl+alt+del is still not bringing up task manager, I have to manually right-click on the task bar.

More edits: I will also add that while shutting down and restarting explorer.exe (and never opening a folder with photo thumbnails again) does remedy the problem, explorer.exe the process itself is only using about 50k memory, nothing too obnoxious (not sure if that helps).

What happened with the Avast boot time scan? I don't think it ever ran for longer than a few minutes.

I ran Malwarebytes, which I don't think you guys use here anymore but I remember you used to. It caught 16 or so PUP files that I removed but the problem remains.

Edited by faburizu, 14 November 2013 - 03:47 PM.

  • 0

#14
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Does Explorer hang up when you change the folder options to show you details instead of icons?

Is there a desktop.ini file in the folder? Is there a cache.db file? (I assume your PC is set to show you system hidden files but just in case:

Open the Control Panel menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button
)

Open desktop.ini if it's present and copy and paste the text into a reply. If you see a cache.db file just delete it. If you can't delete it then give the full path to the folder and we can use OTL to get rid of it.

Sometimes it helps to use ShellExView:


http://www.nirsoft.n...s/shexview.html

Use this download:
http://www.nirsoft.n...xview_setup.exe
Save it and then right click on it and Run As Admin.
Once you get it installed, run it (right click on it and Run As Admin) and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red LED-looking icon in the upper left. This should disable all of the non-Microsoft additions to Explorer. Reboot (or close Explorer and Restart it) and see if you still have the problem.
  • 0

#15
faburizu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Okay, I have come to a conclusion which greatly narrows down our search. I'm not going to do anything until I hear back from you.

I have come to the conclusion that this only happens on my drive D:\ which is a secondary HD in my computer that is a larger size and subsequently, where I store the majority of my pictures/videos/media. This only seems to happen there. I have far fewer photos/videos in "My Pictures" on my C:\ drive, and it does not happen there, even in a large folder of pictures (say, wallpapers, which are pretty much the only images I keep on my C:\ drive).

(And shift+ctrl+esc opens task manager fine).

Explorer.exe goes up to 100% when:

I view folders (folders themselves, not even the inside of them) as extra large thumbnails, large thumbnails, medium icons, tiles.

It does not happen with list, detail or content.

It also does not happen on my C:\ drive OR on my external drive (F:\).

There is also no desktop.ini that I could find and I made sure hidden files are showing.

Here is the system idle process:

Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
explorer.exe 3564 73.01 151,036 K 110,672 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 2668 15.40 43,576 K 56,372 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
svchost.exe 464 2.11 199,524 K 200,292 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 3524 1.77 32,124 K 32,924 K Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a 1.59 0 K 0 K Hardware Interrupts and DPCs
System 4 1.48 108 K 324 K
dllhost.exe 4764 1.28 2,036 K 5,732 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 660 0.82 2,776 K 14,364 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
minibin.exe 4044 0.54 2,468 K 7,288 K The free recycle bin for your system tray area. Mike Edward Moras (e-sushi™) (No signature was present in the subject) Mike Edward Moras (e-sushi™)
lsass.exe 708 0.39 4,296 K 11,700 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2332 0.37 39,232 K 25,988 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
uTorrent.exe 3996 0.23 55,524 K 59,356 K µTorrent BitTorrent, Inc. (Verified) BitTorrent Inc
AvastSvc.exe 1432 0.19 55,560 K 2,004 K avast! Service AVAST Software (Verified) AVAST Software a.s.
svchost.exe 972 0.14 4,716 K 8,560 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
CUITX4.exe 156 0.12 4,100 K 10,524 K CPU Usage In Tray X4 Edgemeal (No signature was present in the subject) Edgemeal
chrome.exe 5032 0.09 147,208 K 163,480 K Google Chrome Google Inc. (Verified) Google Inc
Pen_Tablet.exe 3616 0.08 11,828 K 21,296 K Tablet Service for consumer driver Wacom Technology, Corp. (Verified) Wacom Technology Corp.
svchost.exe 880 0.07 4,652 K 9,604 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe 1536 0.05 25,348 K 26,804 K avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
chrome.exe 5084 0.04 82,416 K 73,944 K Google Chrome Google Inc. (Verified) Google Inc
LogMeInSystray.exe 3852 0.04 4,408 K 12,760 K LogMeIn Desktop Application LogMeIn, Inc. (Verified) LogMeIn
svchost.exe 1300 0.03 14,972 K 16,420 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 3344 0.02 7,696 K 11,404 K Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
CCC.exe 3784 0.02 107,120 K 24,784 K Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
svchost.exe 1076 0.02 49,024 K 53,260 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
LogMeIn.exe 2376 0.01 17,480 K 21,456 K LogMeIn LogMeIn, Inc. (Verified) LogMeIn
MOM.exe 1340 0.01 24,104 K 6,556 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
chrome.exe 4956 0.01 64,768 K 70,352 K Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 1044 0.01 7,068 K 12,740 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2084 < 0.01 4,016 K 8,208 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe 1328 < 0.01 3,068 K 9,472 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
chrome.exe 2960 < 0.01 63,820 K 74,092 K Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 556 < 0.01 2,216 K 4,672 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Pen_TouchUser.exe 3664 < 0.01 4,404 K 11,344 K Touch User Mode Driver Wacom Technology, Corp. (Verified) Wacom Technology Corp.
SearchIndexer.exe 1592 < 0.01 24,284 K 13,596 K Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
LMIGuardianSvc.exe 1656 < 0.01 3,040 K 6,940 K LMIGuardianSvc LogMeIn, Inc. (Verified) LogMeIn
spoolsv.exe 1740 < 0.01 14,488 K 22,464 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
System Idle Process 0 < 0.01 0 K 24 K
WUDFHost.exe 2936 2,104 K 6,176 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wuauclt.exe 384 1,980 K 6,320 K Windows Update Microsoft Corporation (Verified) Microsoft Windows
WTabletServiceCon.exe 1240 1,596 K 4,816 K Tablet Service Wacom Technology, Corp. (Verified) Wacom Technology Corp.
winlogon.exe 796 2,876 K 7,300 K Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 628 1,464 K 4,480 K Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
WacomHost.exe 3596 1,436 K 5,996 K Wacom Load Agent Wacom Technology (Verified) Wacom Technology Corp.
TCPSVCS.EXE 2120 1,796 K 4,592 K TCP/IP Services Application Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 560 22,964 K 19,856 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1788 9,036 K 11,848 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2040 1,920 K 6,272 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 988 4,796 K 8,892 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2264 3,872 K 7,400 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 412 540 K 1,196 K Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 684 5,992 K 12,372 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
ramaint.exe 1360 2,356 K 5,248 K LogMeIn Maintenance Service LogMeIn, Inc. (Verified) LogMeIn
procexp.exe 4464 2,348 K 7,648 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Pen_TabletUser.exe 3584 1,756 K 5,384 K Tablet user module for consumer driver Wacom Technology, Corp. (Verified) Wacom Technology Corp.
mDNSResponder.exe 1896 2,132 K 5,676 K Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 716 2,412 K 4,232 K Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
GoogleUpdate.exe 3016 2,076 K 528 K Google Installer Google Inc. (Verified) Google Inc
GoogleCrashHandler64.exe 3580 1,680 K 528 K Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 2344 1,508 K 528 K Google Crash Handler Google Inc. (Verified) Google Inc
Fuel.Service.exe 2016 1,796 K 5,804 K AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
chrome.exe 2984 21,844 K 22,472 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4976 30,812 K 36,484 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4552 51,760 K 62,648 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4104 71,788 K 72,332 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4304 26,552 K 30,780 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4212 19,648 K 18,656 K Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 1760 17,860 K 18,020 K Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 432 1,288 K 4,272 K AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 1440 2,556 K 7,660 K AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
acrotray.exe 768 1,900 K 5,752 K AcroTray Adobe Systems Inc. (Verified) Adobe Systems
  • 0
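The triage that the Process Explorer steps in post #14 set up (Verified Signer column, sorted by CPU), as an added example that is not part of the original thread: it parses a saved Procexp.txt and returns the heaviest CPU users and the images without a verified signature, which are leads to inspect rather than verdicts. It assumes the saved file is tab-separated with the columns shown in the post above; the sample rows are constructed from that listing and the function names are hypothetical.

```python
import csv
import io

# Constructed sample: rows modelled on the listing in the post above, re-joined
# with tabs. Assumption: Process Explorer's File > Save output is tab-separated
# with a single header row.
SAMPLE = "\n".join([
    "Process\tPID\tCPU\tPrivate Bytes\tWorking Set\tDescription\tCompany Name\tVerified Signer",
    "explorer.exe\t3564\t73.01\t151,036 K\t110,672 K\tWindows Explorer\tMicrosoft Corporation\t(Verified) Microsoft Windows",
    "procexp64.exe\t2668\t15.40\t43,576 K\t56,372 K\tSysinternals Process Explorer\tSysinternals - www.sysinternals.com\t(Verified) Sysinternals",
    "Interrupts\tn/a\t1.59\t0 K\t0 K\tHardware Interrupts and DPCs\t\t",
    "System\t4\t1.48\t108 K\t324 K\t\t\t",
    "CUITX4.exe\t156\t0.12\t4,100 K\t10,524 K\tCPU Usage In Tray X4\tEdgemeal\t(No signature was present in the subject) Edgemeal",
    "CCC.exe\t3784\t0.02\t107,120 K\t24,784 K\tCatalyst Control Center: Host application\tATI Technologies Inc.\t(No signature was present in the subject) ATI Technologies Inc.",
    "System Idle Process\t0\t< 0.01\t0 K\t24 K\t\t\t",
    "WUDFHost.exe\t2936\t\t2,104 K\t6,176 K\tWindows Driver Foundation - User-mode Driver Framework Host Process\tMicrosoft Corporation\t(Verified) Microsoft Windows",
])

# PID 0 (System Idle Process) and PID 4 (System) have no image file on disk,
# so an empty Verified Signer cell is expected for them.
PSEUDO_PIDS = {0, 4}


def parse_cpu(field):
    """CPU column as a float; a blank cell or '< 0.01' counts as 0.0."""
    field = field.strip()
    if not field or field.startswith("<"):
        return 0.0
    return float(field)


def classify_signer(field):
    """Split a Verified Signer cell into (status, publisher, reason)."""
    field = field.strip()
    if field.startswith("(Verified)"):
        return "verified", field[len("(Verified)"):].strip(), ""
    if field.startswith("(") and ")" in field:
        # e.g. "(No signature was present in the subject) Edgemeal"
        reason, _, publisher = field[1:].partition(")")
        return "unverified", publisher.strip(), reason.strip()
    return "unknown", field, ""


def parse_procexp(text):
    """Parse the saved listing into one dict per process row."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    rows = []
    for rec in reader:
        pid_text = (rec.get("PID") or "").strip()
        status, publisher, reason = classify_signer(rec.get("Verified Signer") or "")
        rows.append({
            "name": (rec.get("Process") or "").strip(),
            "pid": int(pid_text) if pid_text.isdigit() else None,  # "n/a" -> None
            "cpu": parse_cpu(rec.get("CPU") or ""),
            "company": (rec.get("Company Name") or "").strip(),
            "status": status,
            "publisher": publisher,
            "reason": reason,
        })
    return rows


def triage(rows, cpu_threshold=10.0):
    """Return (heavy CPU users, images lacking a verified signature)."""
    # Skip pseudo-entries (Interrupts, System, Idle) that are not real images.
    real = [r for r in rows
            if r["pid"] is not None and r["pid"] not in PSEUDO_PIDS]
    hot = sorted((r for r in real if r["cpu"] >= cpu_threshold),
                 key=lambda r: r["cpu"], reverse=True)
    not_verified = [r for r in real if r["status"] != "verified"]
    return hot, not_verified


if __name__ == "__main__":
    hot, flagged = triage(parse_procexp(SAMPLE))
    for r in hot:
        print(f"HIGH CPU  {r['name']} (PID {r['pid']}): {r['cpu']:.2f}% "
              f"signer={r['status']}")
    for r in flagged:
        print(f"NO VERIFIED SIGNATURE  {r['name']} (PID {r['pid']}): "
              f"{r['reason'] or 'signer column empty'}")
```

On a real export, replace `SAMPLE` with the contents of the saved Procexp.txt.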





