Hi Essexboy, After running the OTL fix my laptop rebooted and the setup.exe process came back using 100% CPU, which I stopped. I then ran OTL again like you said and the following frst scan.
I will post the result of the OTL fix scan, although you didn't ask for it, 1st, then my second OTL scan.
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Users\Allybongo\AppData\Local\Temp\GoogleSetup folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Allybongo
->Temp folder emptied: 133886 bytes
->Temporary Internet Files folder emptied: 2446 bytes
->Java cache emptied: 3946674 bytes
->FireFox cache emptied: 53474312 bytes
->Flash cache emptied: 2211 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15835 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 102896 bytes
Total Files Cleaned = 55.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01312014_201440
Files\Folders moved on Reboot...
C:\Users\Allybongo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Allybongo\AppData\Local\Temp\~DF7EEDCD9CBA647295.TMP moved successfully.
C:\Users\Allybongo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\Windows\temp\ZLT05e55.TMP not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL logfile created on: 31/01/2014 20:20:23 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Allybongo\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.90 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 59.25% Memory free
7.80 Gb Paging File | 6.12 Gb Available in Paging File | 78.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 199.93 Gb Free Space | 85.89% Space Free | Partition Type: NTFS
Computer Name: ALLYBONGO-PC | User Name: Allybongo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/01/31 01:00:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Allybongo\Desktop\OTL.exe
PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/14 13:26:55 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/11/15 00:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013/10/07 21:30:40 | 000,613,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Allybongo\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/12/03 14:19:26 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/03 14:19:20 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/08/13 16:25:08 | 000,223,848 | ---- | M] (O2Micro.) -- C:\Windows\SysWOW64\SDIOAssist.exe
PRC - [2003/04/18 17:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/14 13:26:55 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/11/15 00:49:56 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/11/15 00:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 09:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/10 22:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/01/18 08:50:02 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010/02/10 16:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:64bit: - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/01/15 11:53:39 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/14 13:26:55 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/12/03 16:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/13 22:14:20 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/03/01 01:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/12/03 14:19:26 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/03 14:19:20 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003/04/18 17:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (O2SDIOAssist)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/10/23 11:00:56 | 000,454,168 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2013/10/15 11:38:24 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/10/09 01:31:54 | 000,489,568 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/10/08 05:47:30 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2013/07/17 02:02:06 | 000,177,760 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/07/17 02:02:04 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2013/07/11 17:46:56 | 000,772,864 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6TPortGX64.sys -- (L6TPortGX)
DRV:64bit: - [2013/04/29 08:17:34 | 000,047,632 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2013/03/01 01:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/27 11:58:36 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/02/22 13:50:28 | 005,358,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/01/31 16:05:26 | 000,023,040 | ---- | M] (nerds.de) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipmidi.sys -- (ipMIDI)
DRV:64bit: - [2012/11/15 21:06:06 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 14:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 14:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/22 12:28:56 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\accelern.sys -- (Acceler)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/18 08:50:00 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011/01/18 08:49:54 | 004,719,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/01/04 12:31:16 | 000,075,240 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:64bit: - [2011/01/03 13:19:56 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:64bit: - [2010/11/21 03:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 03:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 23:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C AD 7E 7B 15 C0 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.5: C:\Users\Allybongo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 10:31:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Allybongo\AppData\Roaming\ACEStream\extensions\firefox\[email protected] [2013/12/14 13:00:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 10:31:11 | 000,000,000 | ---D | M]
[2013/10/03 09:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allybongo\AppData\Roaming\Mozilla\Extensions
[2014/01/16 17:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\extensions
[2013/12/28 23:14:50 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\extensions\[email protected]
[2014/01/16 17:39:01 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/12/14 13:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/14 13:26:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
O1 HOSTS File: ([2014/01/31 20:15:09 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Allybongo\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.c...oft_webscan.cab (Emsisoft Web Malware Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F105BFF-611A-45EE-B4A5-EC05C0AEF371}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/31 20:14:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/31 18:00:22 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/01/20 01:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/16 14:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/16 13:53:48 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/01/16 12:50:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Allybongo\Desktop\OTL.exe
[2014/01/16 12:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/01/15 21:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Doctor Web
[2014/01/15 00:05:38 | 000,000,000 | ---D | C] -- C:\Users\Allybongo\AppData\Local\CrashDumps
[2014/01/11 04:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/01/11 04:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/01/07 23:19:39 | 000,000,000 | ---D | C] -- C:\Users\Allybongo\AppData\Local\Jaksta_Technologies_Pty_L
[2014/01/07 23:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2014/01/07 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2014/01/07 23:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2014/01/07 23:04:32 | 000,000,000 | ---D | C] -- C:\Users\Allybongo\dwhelper
[2014/01/03 11:27:54 | 000,000,000 | ---D | C] -- C:\Users\Allybongo\AppData\Roaming\TorrentPrivacy
[2013/10/03 11:44:43 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Allybongo\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2014/01/31 20:16:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/31 20:16:27 | 3140,259,840 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/31 20:15:09 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/01/31 20:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/31 18:07:55 | 000,021,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 18:07:55 | 000,021,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 18:00:12 | 375,211,222 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/31 17:26:23 | 000,000,512 | ---- | M] () -- C:\Users\Allybongo\Desktop\MBR.dat
[2014/01/31 01:00:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Allybongo\Desktop\OTL.exe
[2014/01/19 17:52:44 | 000,781,482 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/19 17:52:44 | 000,666,616 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/19 17:52:44 | 000,126,260 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/15 20:35:53 | 000,281,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 00:10:20 | 000,000,396 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/01/12 08:46:18 | 000,000,000 | ---- | M] () -- C:\END
========== Files Created - No Company Name ==========
[2014/01/31 18:00:12 | 375,211,222 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/31 17:26:23 | 000,000,512 | ---- | C] () -- C:\Users\Allybongo\Desktop\MBR.dat
[2014/01/15 00:10:20 | 000,000,396 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/14 20:49:13 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/29 22:34:18 | 000,000,032 | ---- | C] () -- C:\Windows\GearBox.ini
[2013/12/29 04:55:35 | 000,000,016 | ---- | C] () -- C:\Users\Allybongo\AppData\Roaming\msregsvv.dll
[2013/12/29 04:55:35 | 000,000,016 | ---- | C] () -- C:\ProgramData\autobk.inc
[2013/12/10 14:07:46 | 000,000,250 | ---- | C] () -- C:\Users\Allybongo\.swfinfo
[2013/12/10 14:06:21 | 000,000,990 | ---- | C] () -- C:\Windows\SysWow64\amsiq19a.sys
[2013/11/29 06:18:24 | 000,762,252 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/19 21:47:44 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013/10/03 11:44:43 | 000,099,384 | ---- | C] () -- C:\Users\Allybongo\AppData\Roaming\inst.exe
[2013/10/03 11:44:43 | 000,007,859 | ---- | C] () -- C:\Users\Allybongo\AppData\Roaming\pcouffin.cat
[2013/10/03 11:44:43 | 000,001,167 | ---- | C] () -- C:\Users\Allybongo\AppData\Roaming\pcouffin.inf
[2013/10/03 09:14:59 | 000,017,929 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2013/10/03 08:13:24 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\instsrv.exe
[2013/10/03 08:13:24 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2013/10/03 08:04:52 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2013/10/03 08:04:50 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/10/03 08:04:49 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2013/03/01 01:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
========== ZeroAccess Check ==========
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/12/14 14:39:58 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\.ACEStream
[2013/12/14 13:00:28 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\ACEStream
[2013/12/03 05:25:24 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\CrystalIdea Software
[2013/11/18 00:39:55 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\FlowStone
[2013/12/29 04:55:28 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\IK Multimedia
[2013/11/18 00:40:09 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Image-Line
[2013/10/26 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\ImgBurn
[2014/01/16 13:53:57 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\IObit
[2013/11/11 22:38:39 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Jeskola
[2014/01/03 08:38:07 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Line 6
[2013/12/01 15:13:57 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\MediaMonkey
[2013/11/17 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\NetMedia Providers
[2013/11/19 02:09:40 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\PerformerSoft
[2013/11/25 04:48:19 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\PreSonus
[2013/11/17 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Publish Providers
[2013/11/25 05:16:09 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\REAPER
[2013/10/07 21:30:25 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\SanDisk
[2013/11/19 02:07:44 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\SeeSimilar02
[2013/11/30 13:09:24 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Sony
[2013/11/25 00:12:52 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Topten Software
[2014/01/30 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\uTorrent
[2014/01/30 19:32:58 | 000,000,000 | ---D | M] -- C:\Users\Allybongo\AppData\Roaming\Vso
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Allybongo (administrator) on ALLYBONGO-PC on 31-01-2014 20:27:09
Running from C:\Users\Allybongo\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SanDisk Corporation) C:\Users\Allybongo\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-25] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SansaDispatch] - C:\Users\Allybongo\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2013-10-07] (SanDisk Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8CAD7E7B15C0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.c...oft_webscan.cab
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
FireFox:
========
FF ProfilePath: C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default
FF user.js: detected! => C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\user.js
FF Homepage: hxxp://uk.yahoo.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.1.5 - C:\Users\Allybongo\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\Extensions\[email protected] [2013-12-28]
FF Extension: Adblock Plus - C:\Users\Allybongo\AppData\Roaming\Mozilla\Firefox\Profiles\0intz3wy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-03]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\Allybongo\AppData\Roaming\ACEStream\extensions\firefox\[email protected]
FF Extension: TS Magic Player - C:\Users\Allybongo\AppData\Roaming\ACEStream\extensions\firefox\[email protected] [2013-12-14]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-25] (Check Point Software Technologies LTD)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
S3 ipMIDI; C:\Windows\System32\drivers\ipmidi.sys [23040 2013-01-31] (nerds.de)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489568 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-08] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-11-15] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177760 2013-07-17] (Kaspersky Lab ZAO)
S3 L6TPortGX; C:\Windows\System32\Drivers\L6TPortGX64.sys [772864 2013-07-11] (Line 6)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 tcoifh; No ImagePath
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [x]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-09] (Kaspersky Lab ZAO)
S3 STHDA; system32\DRIVERS\stwrt64.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-31 20:27 - 2014-01-31 20:27 - 00009978 _____ C:\Users\Allybongo\Downloads\FRST.txt
2014-01-31 20:27 - 2014-01-31 20:27 - 00000000 ____D C:\FRST
2014-01-31 20:26 - 2014-01-31 20:26 - 02079744 _____ (Farbar) C:\Users\Allybongo\Downloads\FRST64.exe
2014-01-31 20:25 - 2014-01-31 20:25 - 00067264 _____ C:\Users\Allybongo\Desktop\OTL.Txt
2014-01-31 20:20 - 2014-01-31 20:20 - 00003646 _____ C:\Users\Allybongo\Desktop\otl1strun.txt
2014-01-31 20:14 - 2014-01-31 20:14 - 00000000 ____D C:\_OTL
2014-01-31 18:02 - 2014-01-31 18:02 - 00000537 _____ C:\Users\Allybongo\Desktop\crash.txt
2014-01-31 18:00 - 2014-01-31 18:00 - 375211222 _____ C:\Windows\MEMORY.DMP
2014-01-31 18:00 - 2014-01-31 18:00 - 00298400 _____ C:\Windows\Minidump\013114-22713-01.dmp
2014-01-31 18:00 - 2014-01-31 18:00 - 00000000 ____D C:\Windows\Minidump
2014-01-31 17:26 - 2014-01-31 17:26 - 00001261 _____ C:\Users\Allybongo\Desktop\aswMBR.txt
2014-01-31 17:26 - 2014-01-31 17:26 - 00000512 _____ C:\Users\Allybongo\Desktop\MBR.dat
2014-01-31 17:23 - 2014-01-31 17:23 - 04745728 _____ (AVAST Software) C:\Users\Allybongo\Downloads\aswmbr.exe
2014-01-31 17:20 - 2014-01-31 20:16 - 00000168 _____ C:\Windows\setupact.log
2014-01-31 17:20 - 2014-01-31 17:20 - 00000000 _____ C:\Windows\setuperr.log
2014-01-31 17:19 - 2014-01-31 17:19 - 00000598 _____ C:\Windows\PFRO.log
2014-01-20 01:13 - 2014-01-20 01:13 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 01:13 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-20 01:13 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-20 01:13 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-20 01:13 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-16 14:17 - 2014-01-16 14:24 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-16 13:53 - 2014-01-16 13:53 - 00000000 ____D C:\SUPERDelete
2014-01-16 12:50 - 2014-01-31 01:00 - 00602112 _____ (OldTimer Tools) C:\Users\Allybongo\Desktop\OTL.exe
2014-01-16 12:14 - 2014-01-16 12:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-15 22:36 - 2014-01-31 20:19 - 00598418 _____ C:\Windows\WindowsUpdate.log
2014-01-15 21:34 - 2014-01-15 21:34 - 00000000 ____D C:\ProgramData\Doctor Web
2014-01-15 20:57 - 2014-01-15 20:57 - 00003200 _____ C:\Windows\System32\Tasks\GoogleUpdateSetup
2014-01-15 20:29 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:29 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:29 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:29 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 00:10 - 2014-01-15 00:10 - 00000396 __RSH C:\ProgramData\ntuser.pol
2014-01-15 00:05 - 2014-01-27 17:34 - 00000000 ____D C:\Users\Allybongo\AppData\Local\CrashDumps
2014-01-14 20:49 - 2014-01-31 20:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-14 20:49 - 2014-01-15 11:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-14 20:49 - 2014-01-15 11:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-14 20:49 - 2014-01-15 11:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-11 04:45 - 2014-01-11 04:45 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-11 04:45 - 2014-01-11 04:45 - 00000000 ____D C:\Program Files\CCleaner
2014-01-07 23:19 - 2014-01-07 23:24 - 00000000 ____D C:\Users\Allybongo\AppData\Local\Jaksta_Technologies_Pty_L
2014-01-07 23:19 - 2014-01-07 23:19 - 00000000 ____D C:\Program Files (x86)\WinPcap
2014-01-07 23:04 - 2014-01-07 23:04 - 00000000 ____D C:\Users\Allybongo\dwhelper
2014-01-03 11:27 - 2014-01-03 11:30 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\TorrentPrivacy
==================== One Month Modified Files and Folders =======
2014-01-31 20:27 - 2014-01-31 20:27 - 00009978 _____ C:\Users\Allybongo\Downloads\FRST.txt
2014-01-31 20:27 - 2014-01-31 20:27 - 00000000 ____D C:\FRST
2014-01-31 20:26 - 2014-01-31 20:26 - 02079744 _____ (Farbar) C:\Users\Allybongo\Downloads\FRST64.exe
2014-01-31 20:25 - 2014-01-31 20:25 - 00067264 _____ C:\Users\Allybongo\Desktop\OTL.Txt
2014-01-31 20:23 - 2009-07-14 04:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 20:23 - 2009-07-14 04:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 20:20 - 2014-01-31 20:20 - 00003646 _____ C:\Users\Allybongo\Desktop\otl1strun.txt
2014-01-31 20:19 - 2014-01-15 22:36 - 00598418 _____ C:\Windows\WindowsUpdate.log
2014-01-31 20:16 - 2014-01-31 17:20 - 00000168 _____ C:\Windows\setupact.log
2014-01-31 20:16 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 20:14 - 2014-01-31 20:14 - 00000000 ____D C:\_OTL
2014-01-31 20:11 - 2014-01-14 20:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 18:49 - 2013-10-03 11:43 - 00000000 ____D C:\Users\Allybongo\AppData\Local\PokerStars
2014-01-31 18:02 - 2014-01-31 18:02 - 00000537 _____ C:\Users\Allybongo\Desktop\crash.txt
2014-01-31 18:00 - 2014-01-31 18:00 - 375211222 _____ C:\Windows\MEMORY.DMP
2014-01-31 18:00 - 2014-01-31 18:00 - 00298400 _____ C:\Windows\Minidump\013114-22713-01.dmp
2014-01-31 18:00 - 2014-01-31 18:00 - 00000000 ____D C:\Windows\Minidump
2014-01-31 17:26 - 2014-01-31 17:26 - 00001261 _____ C:\Users\Allybongo\Desktop\aswMBR.txt
2014-01-31 17:26 - 2014-01-31 17:26 - 00000512 _____ C:\Users\Allybongo\Desktop\MBR.dat
2014-01-31 17:23 - 2014-01-31 17:23 - 04745728 _____ (AVAST Software) C:\Users\Allybongo\Downloads\aswmbr.exe
2014-01-31 17:20 - 2014-01-31 17:20 - 00000000 _____ C:\Windows\setuperr.log
2014-01-31 17:19 - 2014-01-31 17:19 - 00000598 _____ C:\Windows\PFRO.log
2014-01-31 01:00 - 2014-01-16 12:50 - 00602112 _____ (OldTimer Tools) C:\Users\Allybongo\Desktop\OTL.exe
2014-01-30 20:24 - 2013-10-03 20:04 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\uTorrent
2014-01-30 19:32 - 2013-10-03 11:47 - 00000000 ____D C:\Users\Allybongo\Documents\ConvertXtoDVD
2014-01-30 19:32 - 2013-10-03 11:44 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\Vso
2014-01-30 19:32 - 2013-10-03 11:44 - 00000000 ____D C:\ProgramData\VSO
2014-01-30 18:56 - 2013-11-17 16:52 - 00000000 ____D C:\ProgramData\ProductData
2014-01-27 21:08 - 2013-10-03 12:12 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2014-01-27 17:34 - 2014-01-15 00:05 - 00000000 ____D C:\Users\Allybongo\AppData\Local\CrashDumps
2014-01-20 13:51 - 2009-07-14 05:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-20 01:14 - 2013-10-03 10:17 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 01:13 - 2014-01-20 01:13 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 01:13 - 2013-10-03 10:16 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-19 17:52 - 2009-07-14 05:13 - 00781482 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 17:06 - 2013-10-03 12:12 - 00000000 ____D C:\ProgramData\Licenses
2014-01-17 13:45 - 2013-10-03 11:55 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\vlc
2014-01-16 14:24 - 2014-01-16 14:17 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-16 13:53 - 2014-01-16 13:53 - 00000000 ____D C:\SUPERDelete
2014-01-16 13:53 - 2013-10-03 12:37 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\IObit
2014-01-16 12:35 - 2013-10-03 07:40 - 00000000 ___RD C:\Users\Allybongo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 12:14 - 2014-01-16 12:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-15 21:34 - 2014-01-15 21:34 - 00000000 ____D C:\ProgramData\Doctor Web
2014-01-15 21:07 - 2013-11-19 21:50 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-15 20:57 - 2014-01-15 20:57 - 00003200 _____ C:\Windows\System32\Tasks\GoogleUpdateSetup
2014-01-15 20:35 - 2009-07-14 04:45 - 00281856 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:32 - 2013-10-03 10:45 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:30 - 2013-10-03 10:44 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:49 - 2013-12-18 16:46 - 00000000 ____D C:\Program Files (x86)\Line6
2014-01-15 11:53 - 2014-01-14 20:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-15 11:53 - 2014-01-14 20:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-15 11:53 - 2014-01-14 20:49 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-15 11:53 - 2013-12-02 06:34 - 00000000 ____D C:\Users\Allybongo\AppData\Local\Adobe
2014-01-15 00:10 - 2014-01-15 00:10 - 00000396 __RSH C:\ProgramData\ntuser.pol
2014-01-15 00:08 - 2009-07-14 03:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-14 19:48 - 2013-10-03 09:09 - 00000000 ___RD C:\Users\Allybongo\Desktop\Security
2014-01-14 19:47 - 2013-10-03 12:03 - 00000000 ____D C:\Program Files (x86)\Auslogics
2014-01-12 08:47 - 2013-12-14 15:06 - 00000000 ____D C:\ProgramData\DivX
2014-01-12 08:47 - 2013-12-14 15:06 - 00000000 ____D C:\Program Files (x86)\DivX
2014-01-12 08:46 - 2013-12-14 15:06 - 00000000 _____ C:\END
2014-01-11 23:26 - 2013-11-21 22:53 - 00000000 ____D C:\Users\Allybongo\AppData\Local\Google
2014-01-11 04:45 - 2014-01-11 04:45 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-11 04:45 - 2014-01-11 04:45 - 00000000 ____D C:\Program Files\CCleaner
2014-01-11 04:32 - 2013-10-03 12:30 - 00000000 ____D C:\Users\Allybongo\Documents\My Kindle Content
2014-01-07 23:24 - 2014-01-07 23:19 - 00000000 ____D C:\Users\Allybongo\AppData\Local\Jaksta_Technologies_Pty_L
2014-01-07 23:19 - 2014-01-07 23:19 - 00000000 ____D C:\Program Files (x86)\WinPcap
2014-01-07 23:04 - 2014-01-07 23:04 - 00000000 ____D C:\Users\Allybongo\dwhelper
2014-01-07 23:04 - 2013-10-03 07:40 - 00000000 ____D C:\Users\Allybongo
2014-01-04 09:46 - 2013-10-03 12:37 - 00000000 ____D C:\ProgramData\IObit
2014-01-03 11:30 - 2014-01-03 11:27 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\TorrentPrivacy
2014-01-03 08:38 - 2013-12-18 17:50 - 00000000 ____D C:\Users\Allybongo\AppData\Roaming\Line 6
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-21 15:45
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by Allybongo at 2014-01-31 20:27:28
Running from C:\Users\Allybongo\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ZoneAlarm Antivirus (Enabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 2.1.5 (HKCU Version: 2.1.5 - Ace Stream Media)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advanced SystemCare 7 (x32 Version: 7.1.0 - IObit)
Amazon Kindle (HKCU Version: - Amazon)
Auslogics DiskDefrag (x32 Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
Auslogics Registry Cleaner (x32 Version: 3.4.0.0 - Auslogics Labs Pty Ltd)
CCleaner (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
DivX Setup (x32 Version: 2.6.1.90 - DivX, LLC)
DW WLAN Card Utility (Version: 5.100.235.13 - Dell Inc.)
Firebird v2.0 (x32 Version: - Tone2)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 9.17.10.3040 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (x32 Version: 3.0.5.1228 - IObit)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.19 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.19 - O2Micro International LTD.) Hidden
PokerStars (x32 Version: - PokerStars)
Sansa Updater (HKCU Version: 1.406 - SanDisk Corporation)
SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (Version: 5.6.1042 - SUPERAntiSpyware.com)
Surfing Protection (x32 Version: 1.0 - IObit)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
VSO ConvertXToDVD (x32 Version: 5.0.0.75 - VSO Software)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (x32 Version: 4.1.0.2980 - Riverbed Technology, Inc.)
ZoneAlarm Antivirus (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Antivirus (x32 Version: 12.0.104.000 - Check Point)
ZoneAlarm Firewall (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
==================== Restore Points =========================
15-01-2014 17:55:57 Device Driver Package Install: Line 6 Sound, video and game controllers
15-01-2014 17:56:13 Device Driver Package Install: Line 6 Sound, video and game controllers
15-01-2014 20:30:12 Windows Update
20-01-2014 01:12:34 Installed Java 7 Update 51
21-01-2014 14:08:41 Windows Update
30-01-2014 19:00:59 Windows Update
31-01-2014 01:50:18 OTL Restore Point - 31/01/2014 01:50:18
31-01-2014 20:14:57 OTL Restore Point - 31/01/2014 20:14:54
==================== Hosts content: ==========================
2009-07-14 02:34 - 2014-01-31 20:15 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {6F12657A-416C-4A44-9EEB-3373EAE5690E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-15] (Adobe Systems Incorporated)
Task: {7077CE01-797A-46C3-97B5-3EF91CFE4229} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {904901F7-B5E2-4E04-8E20-C1397B810B54} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {93FDBE9D-378F-4607-BCB1-20A184A00E65} - System32\Tasks\GoogleUpdateSetup => C:\Windows\GOOGLE~1.EXE [2009-07-14] ()
Task: {AFE68210-DC96-40BE-B88F-EC5E25BDCDEA} - System32\Tasks\ASC7_SkipUac_Allybongo => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-12-16] (IObit)
Task: {C684A0F0-79FC-432E-B0E0-B5F1C5B53FEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-03 08:04 - 2013-02-22 13:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-17 16:52 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-11-15 00:49 - 2013-11-15 00:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2014 08:18:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 06:02:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 05:21:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:56:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 03:33:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 02:33:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 07:12:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 07:11:10 AM) (Source: ZAPrivacyService) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (01/28/2014 07:11:04 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/28/2014 07:11:04 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (01/31/2014 08:17:50 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Error: (01/31/2014 08:16:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
tcoifh
Error: (01/31/2014 08:14:40 PM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 7 service terminated unexpectedly. It has done this 1 time(s).
Error: (01/31/2014 06:01:40 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Error: (01/31/2014 06:00:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
tcoifh
Error: (01/31/2014 06:00:26 PM) (Source: BugCheck) (User: )
Description: 0x00000109 (0xa3a039d898e07654, 0xb3b7465eeb5eb30e, 0xfffff880035e05c0, 0x0000000000000002)C:\Windows\MEMORY.DMP013114-22713-01
Error: (01/31/2014 06:00:18 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 17:58:48 on 31/01/2014 was unexpected.
Error: (01/31/2014 05:21:24 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Error: (01/31/2014 05:20:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
tcoifh
Error: (01/30/2014 06:56:13 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (01/31/2014 08:18:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 06:02:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 05:21:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:56:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 03:33:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 02:33:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 07:12:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 07:11:10 AM) (Source: ZAPrivacyService)(User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (01/28/2014 07:11:04 AM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/28/2014 07:11:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
CodeIntegrity Errors:
===================================
Date: 2014-01-18 17:51:51.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-18 17:51:51.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-18 17:51:51.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-18 17:51:50.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-18 17:51:50.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-18 17:51:50.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-16 16:32:52.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-16 16:32:52.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-16 16:32:52.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-01-16 16:32:51.667
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 3993.05 MB
Available physical RAM: 2519.14 MB
Total Pagefile: 7984.28 MB
Available Pagefile: 6413.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:199.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 34DE6125)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================