
Not Valid Win32 application+Admin/access denied [Solved]


  • This topic is locked

#1
Jcab

So I have had this problem starting back in Jan 25ish: some of the applications I use, such as a web browser or other .exe programs, give me the error "c:\...\comodo dragon.exe is not a valid win32 application". This happens in programs that are installed on my "C:" drive, since if I move a translator program that had this "not a valid win32 application" error to my alternative "G:" drive, it's able to run just fine.

The 2nd problem is not having administrative access, or access denied. This happens when I try to download a new anti-virus program: during installation, I receive an error such as "Access Denied" for AVG, or "You do not have permission" for other anti-virus programs I've attempted to install. It also used to happen when I attempted to download AVG, but I managed to get past it, leading me to access denied when I tried to install.
I've only managed to install IObit Malware Fighter recently, but scans don't turn anything up.

The 3rd problem, which I've recently noticed as well, is that under my "C:\Users\Donkey Kong\Documents", all the folders that had files there give me an error when I attempt to open them: "C:\Users\Donkey Kong\Documents\Visual Studio 2012 refers to a location that is unavailable. It could be on a hard drive on this computer, or on a network. Check to make sure that the disk is properly inserted, or that you are connected to the internet or your network, and then try again. If it still cannot be located, the information might have been moved to a different location."
I'm sure I was able to access the files in "C:\Users\Donkey Kong\Documents" before I encountered these problems, since I used to access the files often.
Also, one last thing to add: since the problems started back in Jan., I selected "60 days" in the OTL scan options. I wasn't exactly sure, so I changed it to that instead of 30.




OTL logfile created on: 2014/03/09 15:17:54 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donkey Kong\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

7.93 Gb Total Physical Memory | 5.43 Gb Available Physical Memory | 68.51% Memory free
10.86 Gb Paging File | 8.22 Gb Available in Paging File | 75.74% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.50 Gb Total Space | 3.24 Gb Free Space | 3.29% Space Free | Partition Type: NTFS
Drive D: | 164.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 199.50 Gb Total Space | 0.59 Gb Free Space | 0.30% Space Free | Partition Type: NTFS
Drive G: | 298.09 Gb Total Space | 106.73 Gb Free Space | 35.80% Space Free | Partition Type: NTFS

Computer Name: JOSE | User Name: Donkey Kong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2014/03/09 14:28:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donkey Kong\Desktop\OTL.exe
PRC - [2014/02/26 01:45:34 | 000,976,160 | ---- | M] (FlashPeak Inc.) -- C:\Program Files (x86)\SlimBrowser\SBRender.exe
PRC - [2014/02/26 01:45:32 | 004,452,640 | ---- | M] (FlashPeak Inc.) -- C:\Program Files (x86)\SlimBrowser\sbframe.exe
PRC - [2014/02/02 06:14:05 | 000,243,712 | ---- | M] () -- C:\NTKernel\nt32.exe
PRC - [2014/01/24 17:09:44 | 000,342,336 | ---- | M] (IObit) -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMFsrv.exe
PRC - [2013/12/19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/19 01:07:52 | 001,821,384 | ---- | M] () -- C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
PRC - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/09 19:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/09 19:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/03 11:59:24 | 001,075,264 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\System Mechanic\SMTrayNotify.exe
PRC - [2013/12/03 10:59:32 | 001,168,960 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
PRC - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
PRC - [2009/10/15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/09/30 05:02:50 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 05:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/16 21:26:32 | 000,088,496 | ---- | M] () -- C:\Program Files (x86)\SlimBrowser\EasyHook32.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/31 15:14:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/15 07:32:04 | 000,476,096 | ---- | M] (Protection Technology) [Disabled | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01)
SRV:64bit: - [2013/12/09 19:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012/06/17 00:52:14 | 000,098,576 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2010/12/28 01:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/04/06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/10/16 13:10:44 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device)
SRV:64bit: - [2009/10/16 13:00:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/02/21 12:03:16 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/24 17:09:44 | 000,342,336 | ---- | M] (IObit) [Auto | Running] -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/12/20 01:57:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/19 01:07:52 | 001,821,384 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe -- (IceDragonUpdater)
SRV - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/09 19:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/03 10:59:32 | 001,168,960 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 22:32:46 | 003,937,472 | ---- | M] (ThreatTrack Security, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2013/09/05 22:32:42 | 000,176,016 | ---- | M] (ThreatTrack Security, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VIPRE\SBPIMSvc.exe -- (SBPIMSvc)
SRV - [2010/03/12 15:43:38 | 000,241,808 | ---- | M] (Paltiosoft Inc.) [Auto | Running] -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe -- (UCManSvc)
SRV - [2009/10/16 13:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdxcoms.exe -- (lxdx_device)
SRV - [2009/10/16 13:00:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2009/10/15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/09/30 05:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 05:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/15 07:32:04 | 002,325,872 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01)
DRV:64bit: - [2013/12/05 01:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/12/03 10:54:50 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2013/12/03 10:54:48 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2013/11/28 06:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/06/17 00:52:12 | 000,166,576 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/03/16 22:49:37 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/22 22:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/19 01:50:42 | 000,867,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/26 12:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/07/27 02:47:46 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2010/07/27 02:47:36 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2010/04/27 12:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009/09/16 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/02/25 01:14:00 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- G:\test5\cleanhlp64.sys -- (cleanhlp)
DRV - [2014/02/25 01:13:56 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- G:\test5\a2ddax64.sys -- (A2DDA)
DRV - [2013/11/26 16:00:30 | 000,086,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- G:\AeriaGames\AuraKingdom\avital\hxsy64.sys -- (hxsyol)
DRV - [2013/11/19 17:10:36 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/11/19 17:10:36 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/23 16:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | Disabled | Stopped] -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2013/01/22 23:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2011/09/19 08:10:28 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011/09/18 07:13:02 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2011/01/02 13:07:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010/07/27 02:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 02:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2004/10/05 10:40:18 | 000,015,872 | ---- | M] (Interlex Inc.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\VMLaunch\BuddyVM.sys -- ({09BB444F-B2E2-4009-BAF2-7B727681223E})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {86EC86A2-FBC3-4A7A-9AFA-4928FBD37C05}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=20/08/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = G:\
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...Date=20/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...Date=20/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...Date=20/08/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...Date=20/08/2013
IE - HKCU\..\SearchScopes,DefaultScope = {8EEC8A94-ED86-45f9-B203-1E16FA330C0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{6D67D610-C4F7-4e90-8140-5114ED0E8A27}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{8EEC8A94-ED86-45f9-B203-1E16FA330C0E}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\Donkey Kong\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\Donkey Kong\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=3: C:\Users\Donkey Kong\AppData\Local\Coowon\Update\1.3.31.0\npCoowonUpdate3.dll (Coowon.)
FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=9: C:\Users\Donkey Kong\AppData\Local\Coowon\Update\1.3.31.0\npCoowonUpdate3.dll (Coowon.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Donkey Kong\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/05/03 07:47:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/18 23:25:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/02/12 23:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Extensions
[2014/03/08 19:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Firefox\Profiles\3bm2ao04.default\extensions
[2014/03/08 19:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Firefox\Profiles\3bm2ao04.default\extensions\trash
[2014/02/11 04:03:17 | 000,000,916 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\firefox\profiles\3bm2ao04.default\searchplugins\yahoo_ff.xml
[2014/03/08 15:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/03/08 15:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2014/03/08 15:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/08 15:09:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

========== Chrome ==========

CHR - homepage: http://search.condui...B9B9DD846&SSPV=
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

O1 HOSTS File: ([2011/05/20 19:32:34 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 cadb.nflavor.com
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O2 - BHO: (Ads Removal) - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\adsremoval\IE\Adblock.dll (Adblock)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E8923E6B-A808-8214-0061-0C631B3A04EB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O3 - HKLM\..\Toolbar: (VIPRE Search Guard Toolbar) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ctfmon] C:\Windows\SysNative\ctfmon.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [New Value #2] “ctfmon”=”CTFMON.EXE” File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files (x86)\VIPRE\SBRC.exe (ThreatTrack Security, Inc.)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe ()
O4 - HKLM..\Run: [IObit Malware Fighter] G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMF.exe (IObit)
O4 - HKLM..\Run: [NT Kernel Service] C:\NTKernel\nt32.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" File not found
O4 - Startup: C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url ()
F3:64bit: - HKCU WinNT: Load - (C:\NTKernel\nt32.exe) - C:\NTKernel\nt32.exe ()
F3 - HKCU WinNT: Load - (C:\NTKernel\nt32.exe) - C:\NTKernel\nt32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files (x86)\ATLAS V14\atlscript.html ()
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5F54B66-F45B-4D87-89F0-A41B18571B17}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\vipresg - No CLSID value found
O18 - Protocol\Handler\vipresg {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - ("C:\ProgramData\load32.exe") - C:\ProgramData\load32.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AvastSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\AvastUI.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avcenter.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avconfig.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgidsagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgnt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgrsx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avguard.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avp.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\avscan.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\bdagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\ccuac.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\ComboFix.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\egui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\hijackthis.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\instup.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\keyscrambler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\mbam.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\mbamgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\mbampt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\mbamscheduler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\mbamservice.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\MpCmdRun.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\MSASCui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\msseces.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\rstrui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\SBAMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\SBAMTray.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\SBPIMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\spybotsd.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\wireshark.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\zlclient.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\AvastSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\AvastUI.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgidsagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avguard.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avp.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\avscan.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\ccuac.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\ComboFix.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\egui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\hijackthis.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\instup.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\keyscrambler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\mbam.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\mbamgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\mbampt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\mbamscheduler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\mbamservice.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\MpCmdRun.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\MsMpEng.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\msseces.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\SBAMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\SBAMTray.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\SBPIMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\spybotsd.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\wireshark.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\zlclient.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/03/09 14:28:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donkey Kong\Desktop\OTL.exe
[2014/03/09 12:13:27 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/03/08 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/08 10:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2014/03/08 10:18:17 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\IObit
[2014/03/07 20:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/03/07 20:07:11 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Malwarebytes
[2014/03/07 19:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/05 09:53:42 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/02/26 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BLUEGALE
[2014/02/24 21:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/02/24 20:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2014/02/24 20:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2014/02/24 20:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/02/24 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/02/18 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\セイバーフィッシュ
[2014/02/16 16:57:42 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\ZION
[2014/02/14 18:20:55 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/14 17:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BackRex Internet Explorer Backup
[2014/02/14 17:28:00 | 000,000,000 | ---D | C] -- C:\BackRex Internet Explorer Backup
[2014/02/13 14:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WBFS to ISO
[2014/02/13 03:32:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/13 03:23:59 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014/02/13 03:23:26 | 005,180,679 | R--- | C] (Swearware) -- C:\Users\Donkey Kong\Desktop\ComboFix.exe
[2014/02/12 23:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pk2
[2014/02/10 20:49:29 | 002,155,152 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\Incinerator64.dll
[2014/02/10 20:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
[2014/02/10 20:49:28 | 002,097,984 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysWow64\Incinerator32.dll
[2014/02/10 20:49:28 | 000,082,160 | ---- | C] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2014/02/10 20:49:19 | 000,057,584 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolobtdfg.exe
[2014/02/10 20:49:19 | 000,026,184 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\smrgdf.exe
[2014/02/10 20:49:18 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\ioloGovernor
[2014/02/10 20:48:26 | 000,030,752 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\ElRawDsk.sys
[2014/02/10 20:47:55 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\iolo
[2014/02/10 20:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2014/02/10 20:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iolo
[2014/02/08 03:13:18 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\Dolphin Emulator
[2014/02/08 03:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
[2014/02/08 03:12:06 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Desktop\Dolphin
[2014/02/07 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Unity
[2014/02/03 12:27:40 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\aisare_savedata
[2014/02/03 12:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reon
[2014/02/02 19:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Daugther
[2014/02/02 19:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo - Copy
[2014/01/31 14:12:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/01/31 14:09:53 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/01/31 14:09:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/01/27 08:59:36 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guilty
[2014/01/26 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\piriri
[2014/01/26 20:59:29 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\piriri
[2014/01/26 20:55:49 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Desktop\Grisaia Info
[2014/01/26 01:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery
[2014/01/26 01:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Puran File Recovery
[2014/01/25 12:57:21 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2014/01/25 12:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPRE
[2014/01/25 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\VIPRE
[2014/01/25 12:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2014/01/25 12:55:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\VIPRE
[2014/01/25 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\VIPRE
[2014/01/25 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\VIPRE
[2014/01/25 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/01/25 10:34:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/01/25 10:22:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/25 09:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/25 08:46:19 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\TuneUp Software
[2014/01/25 08:32:35 | 000,000,000 | R--D | C] -- C:\ProgramData\Malwarebytes
[2014/01/25 08:27:10 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\ckliqnlc.sys
[2014/01/25 08:27:03 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\vgoovxmq.sys
[2014/01/25 05:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/25 04:43:26 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/01/25 04:35:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/25 04:34:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/25 03:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2014/01/25 03:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox - Copy
[2014/01/25 03:15:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\NTKernel
[2014/01/25 02:46:09 | 000,000,000 | -H-D | C] -- C:\NTKernel
[2014/01/22 14:26:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\new_gamedata
[2014/01/22 12:18:16 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2014/01/22 12:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2014/01/22 12:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[2014/01/22 12:11:34 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Apple Computer
[2014/01/22 12:11:34 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Apple Computer
[2014/01/22 12:11:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/01/22 12:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/01/22 12:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/01/22 12:09:42 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Apple
[2014/01/22 12:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/01/22 11:34:55 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Akamai
[2014/01/22 11:34:54 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2014/01/16 05:12:17 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\CYC_NO-NOS
[2014/01/16 05:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CYC_NO-NOS
[2014/01/14 01:41:48 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Tanuki Soft
[2014/01/14 01:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\たぬきそふと
[2014/01/13 04:03:50 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHANTOMSOFT
[2014/01/09 16:26:06 | 000,000,000 | ---D | C] -- C:\first_launch
[2011/09/15 07:59:59 | 000,167,936 | ---- | C] (有限会社ツートツー/DELTA) -- C:\Users\Donkey Kong\AppData\Roaming\TAUNINST.EXE
[2007/04/24 00:00:20 | 000,176,128 | ---- | C] (アリスソフト) -- C:\Users\Donkey Kong\AppData\Local\Tempals_inst.exe

========== Files - Modified Within 60 Days ==========

[2014/03/09 15:15:00 | 000,000,724 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2481818962-1579234034-314252365-1000UA.job
[2014/03/09 15:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/09 14:28:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donkey Kong\Desktop\OTL.exe
[2014/03/09 12:28:27 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/09 12:28:27 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/09 12:25:23 | 001,685,326 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/09 12:25:23 | 000,786,564 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/09 12:25:23 | 000,549,136 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2014/03/09 12:25:23 | 000,172,138 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2014/03/09 12:25:23 | 000,172,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/09 12:20:56 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/03/09 12:20:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/08 18:15:00 | 000,000,672 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2481818962-1579234034-314252365-1000Core.job
[2014/03/01 19:23:20 | 000,000,698 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\GakuenNTR.exe - Shortcut.lnk
[2014/03/01 03:02:59 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2014/03/01 03:02:59 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/03/01 03:02:59 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2014/02/26 18:37:17 | 000,000,702 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\姦染 COMPLETE BOX メニュー.lnk
[2014/02/26 00:34:53 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\なつドキッ!.lnk
[2014/02/24 19:59:12 | 000,001,941 | ---- | M] () -- C:\Users\Donkey Kong\Application Data\Microsoft\Internet Explorer\Quick Launch\Avant Browser.lnk
[2014/02/16 16:59:52 | 000,000,830 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\巨乳JK生主生ハメ生中出し.exe.lnk
[2014/02/14 18:34:59 | 000,440,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/14 18:22:00 | 001,669,838 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/14 17:28:00 | 000,001,534 | ---- | M] () -- C:\Users\Public\Desktop\BackRex Internet Explorer Backup.lnk
[2014/02/13 03:23:59 | 000,000,332 | ---- | M] () -- C:\Start_.cmd
[2014/02/13 03:19:25 | 005,180,679 | R--- | M] (Swearware) -- C:\Users\Donkey Kong\Desktop\ComboFix.exe
[2014/02/12 17:03:35 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/02/12 03:46:42 | 000,000,069 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\mbam.context.scan
[2014/02/11 20:35:10 | 000,000,833 | ---- | M] () -- C:\Users\Donkey Kong\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/02/10 20:50:37 | 000,000,406 | ---- | M] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2014/02/10 20:49:29 | 000,001,385 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\System Mechanic.lnk
[2014/02/10 20:49:19 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\iolo Process Governor.job
[2014/02/10 20:16:56 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2014/02/04 14:47:33 | 000,000,538 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\MeltyMoment.lnk
[2014/02/03 23:48:33 | 000,000,850 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\SYOTAMANE.EXE - Shortcut.lnk
[2014/02/03 23:44:00 | 000,000,615 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\桃色恋恋 ~姉妹とつむぐエッチな関係~.lnk
[2014/02/03 23:44:00 | 000,000,066 | ---- | M] () -- C:\Windows\AMML003.ini
[2014/02/03 12:02:15 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\愛サレるームメイト.lnk
[2014/02/02 19:15:19 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\恋人でできること.lnk
[2014/02/02 19:00:25 | 000,001,701 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\ダークロード.lnk
[2014/02/02 06:14:05 | 000,243,712 | ---- | M] () -- C:\ProgramData\load32.exe
[2014/01/31 15:24:32 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C914C5E-67AB-46B5-AF54-98100DAD828C}.job
[2014/01/31 15:14:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/31 15:14:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/31 00:46:29 | 000,000,636 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\机乙女.lnk
[2014/01/27 09:02:48 | 000,001,017 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\yobai.exe - Shortcut.lnk
[2014/01/26 21:02:13 | 000,000,736 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\きみと僕との騎士の日々‐楽園のシュバリエ‐.lnk
[2014/01/26 12:14:03 | 000,001,303 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\熟恋母~ダチのママはマイダッチ~ - Shortcut.lnk
[2014/01/25 12:56:48 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\VIPRE.lnk
[2014/01/25 12:39:18 | 000,007,436 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/01/25 08:27:10 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\ckliqnlc.sys
[2014/01/25 08:27:03 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\vgoovxmq.sys
[2014/01/25 05:25:18 | 000,020,840 | ---- | M] () -- C:\bootsqm.dat
[2014/01/25 02:46:57 | 000,000,046 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url
[2014/01/22 14:10:40 | 000,001,060 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\_Launcher.exe - Shortcut.lnk
[2014/01/22 11:38:09 | 000,000,598 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\Mabinogi.exe - Shortcut.lnk
[2014/01/16 05:11:53 | 000,000,492 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\midarana.exe - Shortcut.lnk
[2014/01/14 01:41:25 | 000,001,717 | ---- | M] () -- C:\Users\Public\Desktop\少交女HD版.lnk
[2014/01/13 04:04:54 | 000,001,125 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\syakkinzuma.exe - Shortcut.lnk

========== Files Created - No Company Name ==========

[2014/03/01 19:23:20 | 000,000,698 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\GakuenNTR.exe - Shortcut.lnk
[2014/02/26 18:37:17 | 000,000,702 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\姦染 COMPLETE BOX メニュー.lnk
[2014/02/26 00:34:53 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\なつドキッ!.lnk
[2014/02/16 17:01:30 | 000,000,830 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\巨乳JK生主生ハメ生中出し.exe.lnk
[2014/02/14 17:56:39 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/02/14 17:46:51 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/02/14 17:28:00 | 000,001,534 | ---- | C] () -- C:\Users\Public\Desktop\BackRex Internet Explorer Backup.lnk
[2014/02/12 12:31:24 | 000,243,712 | ---- | C] () -- C:\ProgramData\load32.exe
[2014/02/12 03:46:42 | 000,000,069 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\mbam.context.scan
[2014/02/10 20:50:37 | 000,000,406 | ---- | C] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2014/02/10 20:49:29 | 000,001,385 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\System Mechanic.lnk
[2014/02/10 20:49:19 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\iolo Process Governor.job
[2014/02/10 20:16:56 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/02/09 18:34:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2014/02/04 14:47:33 | 000,000,538 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\MeltyMoment.lnk
[2014/02/03 23:48:33 | 000,000,850 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\SYOTAMANE.EXE - Shortcut.lnk
[2014/02/03 23:44:00 | 000,000,615 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\桃色恋恋 ~姉妹とつむぐエッチな関係~.lnk
[2014/02/03 23:44:00 | 000,000,066 | ---- | C] () -- C:\Windows\AMML003.ini
[2014/02/03 12:02:15 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\愛サレるームメイト.lnk
[2014/02/02 19:15:19 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\恋人でできること.lnk
[2014/02/02 19:00:25 | 000,001,701 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\ダークロード.lnk
[2014/01/31 15:24:32 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C914C5E-67AB-46B5-AF54-98100DAD828C}.job
[2014/01/31 15:14:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/31 15:14:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/31 14:10:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/01/31 14:10:12 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/01/31 14:10:11 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2014/01/31 14:09:28 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/01/31 14:09:28 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2014/01/31 14:09:28 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/01/31 14:09:27 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/01/31 00:46:29 | 000,000,636 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\机乙女.lnk
[2014/01/27 09:02:48 | 000,001,017 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\yobai.exe - Shortcut.lnk
[2014/01/26 21:02:13 | 000,000,736 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\きみと僕との騎士の日々‐楽園のシュバリエ‐.lnk
[2014/01/26 12:14:03 | 000,001,303 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\熟恋母~ダチのママはマイダッチ~ - Shortcut.lnk
[2014/01/25 12:56:48 | 000,001,842 | ---- | C] () -- C:\Users\Public\Desktop\VIPRE.lnk
[2014/01/25 09:18:18 | 000,007,436 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/01/25 06:11:12 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/25 05:25:18 | 000,020,840 | ---- | C] () -- C:\bootsqm.dat
[2014/01/25 04:35:57 | 000,000,332 | ---- | C] () -- C:\Start_.cmd
[2014/01/25 02:46:57 | 000,000,046 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url
[2014/01/22 14:10:40 | 000,001,060 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\_Launcher.exe - Shortcut.lnk
[2014/01/22 11:38:09 | 000,000,598 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\Mabinogi.exe - Shortcut.lnk
[2014/01/16 05:11:53 | 000,000,492 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\midarana.exe - Shortcut.lnk
[2014/01/14 01:41:25 | 000,001,717 | ---- | C] () -- C:\Users\Public\Desktop\少交女HD版.lnk
[2014/01/13 04:04:54 | 000,001,125 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\syakkinzuma.exe - Shortcut.lnk
[2013/12/26 02:51:06 | 000,000,084 | ---- | C] () -- C:\Windows\AMML002.ini
[2013/04/07 14:03:50 | 000,000,062 | ---- | C] () -- C:\Windows\poison02_kazoku.ini
[2012/12/27 23:04:12 | 000,000,264 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\DLTMPE.INI
[2012/09/28 12:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/09/23 18:15:25 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2012/09/23 18:15:25 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2012/09/23 18:15:25 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2012/09/23 18:15:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2012/09/23 18:15:08 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2012/09/23 18:15:08 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2012/09/23 18:15:08 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2012/09/23 18:15:07 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2012/09/23 18:15:07 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll
[2012/09/23 18:15:07 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2012/09/23 18:15:07 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2012/09/23 18:15:07 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2012/09/23 18:15:07 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcoms.exe
[2012/09/23 18:15:07 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2012/09/23 18:15:07 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2012/09/23 18:15:07 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcfg.exe
[2012/09/23 18:15:07 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxih.exe
[2012/09/23 18:15:07 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll
[2012/04/28 01:18:46 | 000,000,666 | ---- | C] () -- C:\Windows\Wininit.INI
[2012/04/11 23:32:10 | 000,000,041 | ---- | C] () -- C:\Windows\.ini
[2011/04/12 19:40:27 | 000,000,632 | RHS- | C] () -- C:\Users\Donkey Kong\ntuser.pol
[2010/12/30 01:50:15 | 000,007,611 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 1948 bytes -> C:\Users\Donkey Kong\Templates:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}
@Alternate Data Stream - 1948 bytes -> C:\Users\Donkey Kong\NetHood:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}
@Alternate Data Stream - 1948 bytes -> C:\ProgramData:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}

< End of report >
  • 0

#2
JSntgRvr

  • Global Moderator
  • 11,579 posts
:welcome:

  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the entire content of the quote box (except the word quote) below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    F3:64bit: - HKCU WinNT: Load - (C:\NTKernel\nt32.exe) - C:\NTKernel\nt32.exe ()
    F3 - HKCU WinNT: Load - (C:\NTKernel\nt32.exe) - C:\NTKernel\nt32.exe ()
    O4 - HKLM..\Run: [NT Kernel Service] C:\NTKernel\nt32.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" File not found
    O27:64bit: - HKLM IFEO\AvastSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\AvastUI.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avcenter.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avconfig.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgidsagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgnt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgrsx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avguard.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avp.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\avscan.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\bdagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\ccuac.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\ComboFix.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\egui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\hijackthis.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\instup.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\keyscrambler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\mbam.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\mbamgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\mbampt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\mbamscheduler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\mbamservice.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\MpCmdRun.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\MSASCui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\msseces.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\rstrui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\SBAMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\SBAMTray.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\SBPIMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\spybotsd.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\wireshark.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27:64bit: - HKLM IFEO\zlclient.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\AvastSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\AvastUI.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avcenter.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avconfig.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgcsrvx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgidsagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgnt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgrsx.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avguard.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avgwdsvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avp.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\avscan.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\bdagent.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\ccuac.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\ComboFix.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\egui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\hijackthis.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\instup.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\keyscrambler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\mbam.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\mbamgui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\mbampt.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\mbamscheduler.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\mbamservice.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\MpCmdRun.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\MSASCui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\MsMpEng.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\msseces.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\SBAMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\SBAMTray.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\SBPIMSvc.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\spybotsd.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\wireshark.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
    O27 - HKLM IFEO\zlclient.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found

    :files
    C:\NTKernel

    :Commands
    [EMPTYTEMP]
    [RESETHOSTS]
    [EMPTYJAVA]
    [REBOOT]

  • Return to OTL, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • The computer will restart.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder. Open that report and post its contents in a reply.

Upon the restart follow these steps:

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download ADWCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program from downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste this report into your next reply.

The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt.

Re-scan with OTL and post the new OTL.txt log.
  • 0
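The O27 lines in the fix above remove Image File Execution Options (IFEO) Debugger values, which make Windows start the named debugger in place of the listed program. As an added example (not part of the original post and not OTL's own code), this Python script groups such lines from an OTL log by debugger target and flags targets that sit outside the Windows and Program Files directories, are shared by several programs, or are missing; the regular expression, the threshold, the trusted-directory list and the last sample line are assumptions.

```python
import re
from dataclasses import dataclass, field

# O27 line layout as seen in the fix above. The optional "(Company)" suffix is
# an assumption based on how other OTL lines on this page end.
O27 = re.compile(
    r"^O27(?P<x64>:64bit:)? - (?P<hive>HK\w+) IFEO\\(?P<image>[^:]+): "
    r"Debugger - (?P<target>.+?)"
    r"(?: \((?P<company>[^()]*)\))?(?P<missing> File not found)?$"
)

# Assumption: debuggers registered by legitimate tools live under these roots.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

# First five lines follow entries from the thread; the last one is constructed.
SAMPLE = r"""
F3 - HKCU WinNT: Load - (C:\NTKernel\nt32.exe) - C:\NTKernel\nt32.exe ()
O27:64bit: - HKLM IFEO\mbam.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\ComboFix.exe: Debugger - C:\Users\Donkey Kong\Documents\315load32.exe File not found
O27 - HKLM IFEO\notepad.exe: Debugger - C:\Windows\System32\vsjitdebugger.exe (Microsoft Corporation)
"""


@dataclass
class Finding:
    target: str                                  # debugger path as logged
    images: set = field(default_factory=set)     # programs redirected to it
    views: set = field(default_factory=set)      # registry views: 32bit / 64bit
    missing: bool = False                        # OTL reported "File not found"
    reasons: list = field(default_factory=list)


def parse(lines):
    """Yield one dict per O27 Debugger line; every other line is ignored."""
    for line in lines:
        m = O27.match(line.strip())
        if m:
            yield {
                "view": "64bit" if m["x64"] else "32bit",
                "image": m["image"].lower(),
                "target": m["target"],
                "missing": m["missing"] is not None,
            }


def audit(lines, shared_threshold=3):
    """Group IFEO entries by debugger target and return the suspicious ones."""
    by_target = {}
    for entry in parse(lines):
        f = by_target.setdefault(entry["target"].lower(), Finding(entry["target"]))
        f.images.add(entry["image"])
        f.views.add(entry["view"])
        f.missing = f.missing or entry["missing"]

    findings = []
    for f in by_target.values():
        if not f.target.lower().startswith(TRUSTED_ROOTS):
            f.reasons.append("debugger outside Windows/Program Files")
        if len(f.images) >= shared_threshold:
            f.reasons.append(f"one debugger set for {len(f.images)} programs")
        if f.missing:
            f.reasons.append("debugger file missing, so the program fails to start")
        if f.reasons:
            findings.append(f)
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE.splitlines()):
        print(f.target)
        print("  programs:", ", ".join(sorted(f.images)))
        print("  views:   ", ", ".join(sorted(f.views)))
        for reason in f.reasons:
            print("  -", reason)
```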

#3
Jcab

  • Topic Starter
  • Member
  • 19 posts
Here they are.

OTL logfile created on: 2014/03/10 2:12:52 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donkey Kong\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

7.93 Gb Total Physical Memory | 5.98 Gb Available Physical Memory | 75.41% Memory free
10.86 Gb Paging File | 8.61 Gb Available in Paging File | 79.27% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.50 Gb Total Space | 3.08 Gb Free Space | 3.13% Space Free | Partition Type: NTFS
Drive E: | 199.50 Gb Total Space | 0.59 Gb Free Space | 0.30% Space Free | Partition Type: NTFS
Drive G: | 298.09 Gb Total Space | 106.73 Gb Free Space | 35.80% Space Free | Partition Type: NTFS

Computer Name: JOSE | User Name: Donkey Kong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Donkey Kong\Desktop\OTL.exe (OldTimer Tools)
PRC - G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\SlimBrowser\SBRender.exe (FlashPeak Inc.)
PRC - C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc.)
PRC - C:\ProgramData\load32.exe ()
PRC - G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\iolo\System Mechanic\SMTrayNotify.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\VIPRE\SBAMSvc.exe (ThreatTrack Security, Inc.)
PRC - C:\Program Files (x86)\VIPRE\SBPIMSvc.exe (ThreatTrack Security, Inc.)
PRC - C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\SoftDenchi\UCManSvc.exe (Paltiosoft Inc.)
PRC - C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\SlimBrowser\EasyHook32.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdrs.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll ()
MOD - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxptp.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (appdrvrem01) -- C:\Windows\SysNative\appdrvrem01.exe (Protection Technology)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (BITCOMET_HELPER_SERVICE) -- C:\Program Files\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (lxdx_device) -- C:\Windows\SysNative\lxdxcoms.exe ( )
SRV:64bit: - (lxdxCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (IMFservice) -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMFsrv.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (IceDragonUpdater) -- C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SBAMSvc) -- C:\Program Files (x86)\VIPRE\SBAMSvc.exe (ThreatTrack Security, Inc.)
SRV - (SBPIMSvc) -- C:\Program Files (x86)\VIPRE\SBPIMSvc.exe (ThreatTrack Security, Inc.)
SRV - (UCManSvc) -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe (Paltiosoft Inc.)
SRV - (lxdx_device) -- C:\Windows\SysWOW64\lxdxcoms.exe ( )
SRV - (lxdxCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (appdrv01) -- C:\Windows\SysNative\drivers\appdrv01.sys (Protection Technology)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (PDFsFilter) -- C:\Windows\SysNative\drivers\PDFsFilter.sys (Raxco Software, Inc.)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (ThreatTrack Security, Inc.)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RsFx0105) -- C:\Windows\SysNative\drivers\RsFx0105.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (MRESP50a64) -- C:\Program Files\Common Files\Motive\MRESP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (MREMP50a64) -- C:\Program Files\Common Files\Motive\MREMP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (cleanhlp) -- G:\test5\cleanhlp64.sys (Emsisoft GmbH)
DRV - (A2DDA) -- G:\test5\a2ddax64.sys (Emsisoft GmbH)
DRV - (hxsyol) -- G:\AeriaGames\AuraKingdom\avital\hxsy64.sys ()
DRV - (RegFilter) -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (UrlFilter) -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (FileMonitor) -- G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (RTCore64) -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows ® Server 2003 DDK provider)
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - ({09BB444F-B2E2-4009-BAF2-7B727681223E}) -- C:\Program Files (x86)\VMLaunch\BuddyVM.sys (Interlex Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = G:\
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{6D67D610-C4F7-4e90-8140-5114ED0E8A27}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{8EEC8A94-ED86-45f9-B203-1E16FA330C0E}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\Donkey Kong\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\Donkey Kong\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=3: C:\Users\Donkey Kong\AppData\Local\Coowon\Update\1.3.31.0\npCoowonUpdate3.dll (Coowon.)
FF - HKCU\Software\MozillaPlugins\@tools.coowon.com/Coowon Update;version=9: C:\Users\Donkey Kong\AppData\Local\Coowon\Update\1.3.31.0\npCoowonUpdate3.dll (Coowon.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Donkey Kong\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/18 23:25:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/02/12 23:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Extensions
[2014/03/08 19:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Firefox\Profiles\3bm2ao04.default\extensions
[2014/03/08 19:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\Firefox\Profiles\3bm2ao04.default\extensions\trash
[2014/02/11 04:03:17 | 000,000,916 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\mozilla\firefox\profiles\3bm2ao04.default\searchplugins\yahoo_ff.xml
[2014/03/10 01:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/03/08 15:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/08 15:09:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Donkey Kong\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

O1 HOSTS File: ([2011/05/20 19:32:34 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 cadb.nflavor.com
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O2 - BHO: (Ads Removal) - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\adsremoval\IE\Adblock.dll (Adblock)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E8923E6B-A808-8214-0061-0C631B3A04EB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O3 - HKLM\..\Toolbar: (VIPRE Search Guard Toolbar) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O4:64bit: - HKLM..\Run: [ctfmon] C:\Windows\SysNative\ctfmon.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [New Value #2] “ctfmon”=”CTFMON.EXE” File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files (x86)\VIPRE\SBRC.exe (ThreatTrack Security, Inc.)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] G:\IObit Malware Fighter PRO v2.3.0.13 Final\Ifighter\IMF.exe (IObit)
O4 - Startup: C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url ()
F3:64bit: - HKCU WinNT: Load - (C:\ProgramData\NTKernel\nt32.exe) - C:\ProgramData\NTKernel\nt32.exe ()
F3 - HKCU WinNT: Load - (C:\ProgramData\NTKernel\nt32.exe) - C:\ProgramData\NTKernel\nt32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files (x86)\ATLAS V14\atlscript.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5F54B66-F45B-4D87-89F0-A41B18571B17}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\vipresg - No CLSID value found
O18 - Protocol\Handler\vipresg {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - ("C:\ProgramData\load32.exe") - C:\ProgramData\load32.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/03/10 01:51:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/10 01:04:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/10 01:02:05 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Donkey Kong\Desktop\JRT.exe
[2014/03/10 00:54:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/03/09 14:28:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donkey Kong\Desktop\OTL.exe
[2014/03/09 12:13:27 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/03/08 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/08 10:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2014/03/08 10:18:17 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\IObit
[2014/03/07 20:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/03/07 20:07:11 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Malwarebytes
[2014/03/07 19:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/05 09:53:42 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/02/26 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BLUEGALE
[2014/02/24 21:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/02/24 20:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2014/02/24 20:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2014/02/24 20:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/02/24 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/02/18 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\セイバーフィッシュ
[2014/02/16 16:57:42 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\ZION
[2014/02/14 18:20:55 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/14 17:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BackRex Internet Explorer Backup
[2014/02/14 17:28:00 | 000,000,000 | ---D | C] -- C:\BackRex Internet Explorer Backup
[2014/02/13 14:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WBFS to ISO
[2014/02/13 03:32:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/13 03:23:59 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014/02/13 03:23:26 | 005,180,679 | R--- | C] (Swearware) -- C:\Users\Donkey Kong\Desktop\ComboFix.exe
[2014/02/12 23:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pk2
[2014/02/10 20:49:29 | 002,155,152 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\Incinerator64.dll
[2014/02/10 20:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
[2014/02/10 20:49:28 | 002,097,984 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysWow64\Incinerator32.dll
[2014/02/10 20:49:28 | 000,082,160 | ---- | C] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2014/02/10 20:49:19 | 000,057,584 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolobtdfg.exe
[2014/02/10 20:49:19 | 000,026,184 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\smrgdf.exe
[2014/02/10 20:49:18 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\ioloGovernor
[2014/02/10 20:48:26 | 000,030,752 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\ElRawDsk.sys
[2014/02/10 20:47:55 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\iolo
[2014/02/10 20:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2014/02/10 20:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iolo
[2014/02/08 03:13:18 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\Dolphin Emulator
[2014/02/08 03:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
[2014/02/08 03:12:06 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Desktop\Dolphin
[2014/02/07 11:04:21 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Unity
[2014/02/03 12:27:40 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\aisare_savedata
[2014/02/03 12:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reon
[2014/02/02 19:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Daugther
[2014/02/02 19:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo - Copy
[2014/01/31 14:12:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/01/31 14:09:53 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/01/31 14:09:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/01/27 08:59:36 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guilty
[2014/01/26 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\piriri
[2014/01/26 20:59:29 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\piriri
[2014/01/26 20:55:49 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Desktop\Grisaia Info
[2014/01/26 01:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery
[2014/01/26 01:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Puran File Recovery
[2014/01/25 12:57:21 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2014/01/25 12:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPRE
[2014/01/25 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\VIPRE
[2014/01/25 12:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2014/01/25 12:55:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\VIPRE
[2014/01/25 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\VIPRE
[2014/01/25 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\VIPRE
[2014/01/25 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/01/25 10:34:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/01/25 10:22:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/25 09:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/25 08:46:19 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\TuneUp Software
[2014/01/25 08:32:35 | 000,000,000 | R--D | C] -- C:\ProgramData\Malwarebytes
[2014/01/25 08:27:10 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\ckliqnlc.sys
[2014/01/25 08:27:03 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\vgoovxmq.sys
[2014/01/25 05:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/25 04:43:26 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/01/25 04:35:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/25 04:34:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/25 03:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2014/01/25 03:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox - Copy
[2014/01/25 03:15:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\NTKernel
[2014/01/25 02:46:09 | 000,000,000 | -H-D | C] -- C:\NTKernel
[2014/01/22 14:26:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\new_gamedata
[2014/01/22 12:18:16 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2014/01/22 12:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2014/01/22 12:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[2014/01/22 12:11:34 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Apple Computer
[2014/01/22 12:11:34 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Apple Computer
[2014/01/22 12:11:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/01/22 12:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/01/22 12:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/01/22 12:09:42 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Apple
[2014/01/22 12:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/01/22 11:34:55 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Local\Akamai
[2014/01/22 11:34:54 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2014/01/16 05:12:17 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\Documents\CYC_NO-NOS
[2014/01/16 05:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CYC_NO-NOS
[2014/01/14 01:41:48 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Tanuki Soft
[2014/01/14 01:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\たぬきそふと
[2014/01/13 04:03:50 | 000,000,000 | ---D | C] -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHANTOMSOFT
[2014/01/09 16:26:06 | 000,000,000 | ---D | C] -- C:\first_launch
[2011/09/15 07:59:59 | 000,167,936 | ---- | C] (有限会社ツートツー/DELTA) -- C:\Users\Donkey Kong\AppData\Roaming\TAUNINST.EXE
[2007/04/24 00:00:20 | 000,176,128 | ---- | C] (アリスソフト) -- C:\Users\Donkey Kong\AppData\Local\Tempals_inst.exe

========== Files - Modified Within 60 Days ==========

[2014/03/10 02:17:49 | 000,000,724 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2481818962-1579234034-314252365-1000UA.job
[2014/03/10 02:15:38 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/10 02:15:38 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/10 02:11:56 | 001,685,326 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/10 02:11:56 | 000,786,564 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/10 02:11:56 | 000,549,136 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2014/03/10 02:11:56 | 000,172,138 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2014/03/10 02:11:56 | 000,172,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/10 02:06:41 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/03/10 02:06:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/10 02:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/10 01:48:51 | 001,244,192 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\AdwCleaner.exe
[2014/03/10 01:02:06 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Donkey Kong\Desktop\JRT.exe
[2014/03/09 17:15:00 | 000,000,672 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2481818962-1579234034-314252365-1000Core.job
[2014/03/09 14:28:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donkey Kong\Desktop\OTL.exe
[2014/03/01 19:23:20 | 000,000,698 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\GakuenNTR.exe - Shortcut.lnk
[2014/03/01 03:02:59 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2014/03/01 03:02:59 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/03/01 03:02:59 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2014/02/26 18:37:17 | 000,000,702 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\姦染 COMPLETE BOX メニュー.lnk
[2014/02/26 00:34:53 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\なつドキッ!.lnk
[2014/02/24 19:59:12 | 000,001,941 | ---- | M] () -- C:\Users\Donkey Kong\Application Data\Microsoft\Internet Explorer\Quick Launch\Avant Browser.lnk
[2014/02/16 16:59:52 | 000,000,830 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\巨乳JK生主生ハメ生中出し.exe.lnk
[2014/02/14 18:34:59 | 000,440,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/14 18:22:00 | 001,669,838 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/14 17:28:00 | 000,001,534 | ---- | M] () -- C:\Users\Public\Desktop\BackRex Internet Explorer Backup.lnk
[2014/02/13 03:23:59 | 000,000,332 | ---- | M] () -- C:\Start_.cmd
[2014/02/13 03:19:25 | 005,180,679 | R--- | M] (Swearware) -- C:\Users\Donkey Kong\Desktop\ComboFix.exe
[2014/02/12 17:03:35 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/02/12 03:46:42 | 000,000,069 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\mbam.context.scan
[2014/02/11 20:35:10 | 000,000,833 | ---- | M] () -- C:\Users\Donkey Kong\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/02/10 20:50:37 | 000,000,406 | ---- | M] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2014/02/10 20:49:29 | 000,001,385 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\System Mechanic.lnk
[2014/02/10 20:49:19 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\iolo Process Governor.job
[2014/02/10 20:16:56 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2014/02/04 14:47:33 | 000,000,538 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\MeltyMoment.lnk
[2014/02/03 23:48:33 | 000,000,850 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\SYOTAMANE.EXE - Shortcut.lnk
[2014/02/03 23:44:00 | 000,000,615 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\桃色恋恋 ~姉妹とつむぐエッチな関係~.lnk
[2014/02/03 23:44:00 | 000,000,066 | ---- | M] () -- C:\Windows\AMML003.ini
[2014/02/03 12:02:15 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\愛サレるームメイト.lnk
[2014/02/02 19:15:19 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\恋人でできること.lnk
[2014/02/02 19:00:25 | 000,001,701 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\ダークロード.lnk
[2014/02/02 06:14:05 | 000,243,712 | ---- | M] () -- C:\ProgramData\load32.exe
[2014/01/31 15:24:32 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C914C5E-67AB-46B5-AF54-98100DAD828C}.job
[2014/01/31 15:14:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/31 15:14:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/31 00:46:29 | 000,000,636 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\机乙女.lnk
[2014/01/27 09:02:48 | 000,001,017 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\yobai.exe - Shortcut.lnk
[2014/01/26 21:02:13 | 000,000,736 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\きみと僕との騎士の日々‐楽園のシュバリエ‐.lnk
[2014/01/26 12:14:03 | 000,001,303 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\熟恋母~ダチのママはマイダッチ~ - Shortcut.lnk
[2014/01/25 12:56:48 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\VIPRE.lnk
[2014/01/25 12:39:18 | 000,007,436 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/01/25 08:27:10 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\ckliqnlc.sys
[2014/01/25 08:27:03 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\vgoovxmq.sys
[2014/01/25 05:25:18 | 000,020,840 | ---- | M] () -- C:\bootsqm.dat
[2014/01/25 02:46:57 | 000,000,046 | ---- | M] () -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url
[2014/01/22 14:10:40 | 000,001,060 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\_Launcher.exe - Shortcut.lnk
[2014/01/22 11:38:09 | 000,000,598 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\Mabinogi.exe - Shortcut.lnk
[2014/01/16 05:11:53 | 000,000,492 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\midarana.exe - Shortcut.lnk
[2014/01/14 01:41:25 | 000,001,717 | ---- | M] () -- C:\Users\Public\Desktop\少交女HD版.lnk
[2014/01/13 04:04:54 | 000,001,125 | ---- | M] () -- C:\Users\Donkey Kong\Desktop\syakkinzuma.exe - Shortcut.lnk

========== Files Created - No Company Name ==========

[2014/03/10 01:51:42 | 001,244,192 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\AdwCleaner.exe
[2014/03/01 19:23:20 | 000,000,698 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\GakuenNTR.exe - Shortcut.lnk
[2014/02/26 18:37:17 | 000,000,702 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\姦染 COMPLETE BOX メニュー.lnk
[2014/02/26 00:34:53 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\なつドキッ!.lnk
[2014/02/16 17:01:30 | 000,000,830 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\巨乳JK生主生ハメ生中出し.exe.lnk
[2014/02/14 17:56:39 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/02/14 17:46:51 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/02/14 17:28:00 | 000,001,534 | ---- | C] () -- C:\Users\Public\Desktop\BackRex Internet Explorer Backup.lnk
[2014/02/12 12:31:24 | 000,243,712 | ---- | C] () -- C:\ProgramData\load32.exe
[2014/02/12 03:46:42 | 000,000,069 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\mbam.context.scan
[2014/02/10 20:50:37 | 000,000,406 | ---- | C] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2014/02/10 20:49:29 | 000,001,385 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\System Mechanic.lnk
[2014/02/10 20:49:19 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\iolo Process Governor.job
[2014/02/10 20:16:56 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/02/09 18:34:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2014/02/04 14:47:33 | 000,000,538 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\MeltyMoment.lnk
[2014/02/03 23:48:33 | 000,000,850 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\SYOTAMANE.EXE - Shortcut.lnk
[2014/02/03 23:44:00 | 000,000,615 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\桃色恋恋 ~姉妹とつむぐエッチな関係~.lnk
[2014/02/03 23:44:00 | 000,000,066 | ---- | C] () -- C:\Windows\AMML003.ini
[2014/02/03 12:02:15 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\愛サレるームメイト.lnk
[2014/02/02 19:15:19 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\恋人でできること.lnk
[2014/02/02 19:00:25 | 000,001,701 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\ダークロード.lnk
[2014/01/31 15:24:32 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C914C5E-67AB-46B5-AF54-98100DAD828C}.job
[2014/01/31 15:14:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/31 15:14:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/31 14:10:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/01/31 14:10:12 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/01/31 14:10:11 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2014/01/31 14:09:28 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/01/31 14:09:28 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2014/01/31 14:09:28 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/01/31 14:09:27 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/01/31 00:46:29 | 000,000,636 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\机乙女.lnk
[2014/01/27 09:02:48 | 000,001,017 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\yobai.exe - Shortcut.lnk
[2014/01/26 21:02:13 | 000,000,736 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\きみと僕との騎士の日々‐楽園のシュバリエ‐.lnk
[2014/01/26 12:14:03 | 000,001,303 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\熟恋母~ダチのママはマイダッチ~ - Shortcut.lnk
[2014/01/25 12:56:48 | 000,001,842 | ---- | C] () -- C:\Users\Public\Desktop\VIPRE.lnk
[2014/01/25 09:18:18 | 000,007,436 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/01/25 06:11:12 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/25 05:25:18 | 000,020,840 | ---- | C] () -- C:\bootsqm.dat
[2014/01/25 04:35:57 | 000,000,332 | ---- | C] () -- C:\Start_.cmd
[2014/01/25 02:46:57 | 000,000,046 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.Microsoft.com.url
[2014/01/22 14:10:40 | 000,001,060 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\_Launcher.exe - Shortcut.lnk
[2014/01/22 11:38:09 | 000,000,598 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\Mabinogi.exe - Shortcut.lnk
[2014/01/16 05:11:53 | 000,000,492 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\midarana.exe - Shortcut.lnk
[2014/01/14 01:41:25 | 000,001,717 | ---- | C] () -- C:\Users\Public\Desktop\少交女HD版.lnk
[2014/01/13 04:04:54 | 000,001,125 | ---- | C] () -- C:\Users\Donkey Kong\Desktop\syakkinzuma.exe - Shortcut.lnk
[2013/12/26 02:51:06 | 000,000,084 | ---- | C] () -- C:\Windows\AMML002.ini
[2013/04/07 14:03:50 | 000,000,062 | ---- | C] () -- C:\Windows\poison02_kazoku.ini
[2012/12/27 23:04:12 | 000,000,264 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Roaming\DLTMPE.INI
[2012/09/28 12:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/09/23 18:15:25 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2012/09/23 18:15:25 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2012/09/23 18:15:25 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2012/09/23 18:15:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2012/09/23 18:15:08 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2012/09/23 18:15:08 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2012/09/23 18:15:08 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2012/09/23 18:15:07 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2012/09/23 18:15:07 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll
[2012/09/23 18:15:07 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2012/09/23 18:15:07 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2012/09/23 18:15:07 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2012/09/23 18:15:07 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcoms.exe
[2012/09/23 18:15:07 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2012/09/23 18:15:07 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2012/09/23 18:15:07 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcfg.exe
[2012/09/23 18:15:07 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxih.exe
[2012/09/23 18:15:07 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll
[2012/04/28 01:18:46 | 000,000,666 | ---- | C] () -- C:\Windows\Wininit.INI
[2012/04/11 23:32:10 | 000,000,041 | ---- | C] () -- C:\Windows\.ini
[2011/04/12 19:40:27 | 000,000,632 | RHS- | C] () -- C:\Users\Donkey Kong\ntuser.pol
[2010/12/30 01:50:15 | 000,007,611 | ---- | C] () -- C:\Users\Donkey Kong\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/20 14:21:35 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Aile
[2013/07/10 12:29:44 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\AlarmClock
[2012/07/09 22:00:13 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Avant Downloader
[2013/06/15 05:59:39 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\BDL+D
[2012/11/20 23:07:15 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\BDL+P
[2014/02/12 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\BitComet
[2010/12/30 20:04:16 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\BITS
[2012/08/30 18:45:12 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\bluegale
[2013/12/30 03:58:36 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\cjklib
[2013/05/18 11:53:18 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Coby
[2014/02/12 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\CometPlayer
[2012/03/16 23:02:39 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\DAEMON Tools Lite
[2010/12/24 22:02:09 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\DAEMON Tools Pro
[2014/01/25 12:57:21 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
[2011/01/10 17:28:29 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\dieselmine
[2014/01/31 05:35:23 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\DVDVideoSoft
[2011/06/02 09:19:59 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\EGIS
[2013/12/30 04:08:56 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\enchant
[2011/03/29 23:32:24 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\FFSJ
[2010/12/29 04:53:07 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\FlashGet
[2010/12/29 04:53:06 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\FlashGetBHO
[2013/08/04 22:53:10 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Frontwing
[2014/02/12 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\FrostWire
[2011/04/22 22:36:31 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Fujitsu
[2013/04/21 00:33:09 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\HdoC
[2013/12/11 20:02:23 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Hulotte
[2013/07/06 01:29:13 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\IGG
[2013/12/10 23:11:14 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\INTERHEART
[2014/03/08 10:18:17 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\IObit
[2014/02/10 20:50:24 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\iolo
[2014/02/10 20:49:18 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\ioloGovernor
[2014/01/01 18:22:58 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\LolClient
[2014/01/31 00:50:37 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Mink
[2013/04/28 19:42:56 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\more
[2013/06/24 22:07:07 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\MotioninJoy
[2011/08/16 11:05:09 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Musicmatch
[2012/02/14 04:07:41 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\MyAdv
[2011/05/24 15:03:10 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Opera
[2013/12/30 03:59:10 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\org.sakuradite.reader
[2012/05/25 23:09:41 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\PE Explorer
[2014/01/26 20:59:29 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\piriri
[2012/12/28 20:13:15 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Puzzlebox
[2013/03/17 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\RenPy
[2011/01/19 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Reviversoft
[2013/12/28 18:18:34 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Riot Games
[2010/12/25 06:06:47 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\savedata
[2014/03/10 02:13:52 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\SlimBrowser
[2012/12/08 06:42:30 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\SOFTPAL
[2014/01/14 01:41:48 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Tanuki Soft
[2011/08/16 11:24:41 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\tigerplayer
[2014/01/25 08:46:19 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\TuneUp Software
[2014/02/07 11:04:21 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\Unity
[2014/03/09 02:34:37 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\uTorrent
[2014/01/25 22:25:20 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\VIPRE
[2013/12/04 01:32:59 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\WillPlus
[2012/07/02 14:04:29 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\ういんどみる
[2013/04/04 00:15:56 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\じぃすぽっと
[2012/10/27 03:46:50 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\すたじお緑茶
[2013/12/20 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\フロントウイング
[2012/10/06 15:00:16 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\優しい魔法の唱え方 SaveData
[2012/02/27 14:17:20 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\普通じゃない SaveData
[2012/08/12 11:52:30 | 000,000,000 | ---D | M] -- C:\Users\Donkey Kong\AppData\Roaming\魔王の淫具 SaveData

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1948 bytes -> C:\Users\Donkey Kong\Templates:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}
@Alternate Data Stream - 1948 bytes -> C:\Users\Donkey Kong\NetHood:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}
@Alternate Data Stream - 1948 bytes -> C:\ProgramData:{c5a9ab1c-2ac7-40c6-8a5e-0ba38880fc25}

< End of report >

Attached Files


#4
JSntgRvr
  • Global Moderator
  • 11,579 posts
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes two more logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

#5
Jcab
  • Topic Starter
  • Member
  • 19 posts
Here you go.

Attached Files


#6
JSntgRvr
  • Global Moderator
  • 11,579 posts
Please remove the following program through the Control Panel:

BrowseToSave

Download the enclosed file.

Save it in the same location FRST is saved.

Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the same location FRST is saved, (Fixlog.txt) please post it to your reply.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

#7
Jcab
  • Topic Starter
  • Member
  • 19 posts
Here you go.

Attached Files


#8
JSntgRvr
  • Global Moderator
  • 11,579 posts
All looks clear. How is the computer doing?

#9
Jcab
  • Topic Starter
  • Member
  • 19 posts
Yes, I noticed I could install Avg now without getting the Access denied problem, I've yet to try seeing what other programs that gave me the same error say but I'll have to try when I have a bit more available time. Though it still happens with one of my web browsers, like this:
Posted Image
The not win32 problem that was happening with some programs is still there, mainly one of my web browsers (I'll try re-installing it later) but not sure what I'll do for the rest.
Also to add on, I ran one of my programs that displays a few of my current "status" and it says "Current privileges : Not Aadministrator". I've always been the only user and administrator of this computer so not sure if it's just an error.

I still have that weird error of not being able to access my documents folder however, guess that would be just a problem on my end?

#10
JSntgRvr
  • Global Moderator
  • 11,579 posts
Download Windows Repair (All in One) from here

Install the program then run it. (Be patient as it should take some time to finish)

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button.

Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button.

Go to Step 4 and under "System Restore" click on Create button.

Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:

64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs

32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#11
Jcab
  • Topic Starter
  • Member
  • 19 posts
This is the _Windows_Repair_Log.txt that was inside the 2014.03.14_13.24.14 folder under the specified folder.
The web browser that I showed in the screen shot now works, however the problem with not being able to access my folders in my documents still remains.

Attached Files


#12
JSntgRvr
  • Global Moderator
  • 11,579 posts
What is the error message when you attempt to open a file in your documents?

#13
Jcab
  • Topic Starter
  • Member
  • 19 posts
It'd be this one:
Posted Image

#14
JSntgRvr
  • Global Moderator
  • 11,579 posts
Download the enclosed file.

Save and extract its contents to the desktop.

Once extracted, open the folder and click on the RunMe.bat file.

Please post back the contents to the Report.txt that will be produced.

#15
Jcab
  • Topic Starter
  • Member
  • 19 posts
Here it is.

Attached Files

