Games Lagging after 10ish minutes



#1
Terryc250


For some reason, after playing games online for about 10 minutes, I'll get high latency delay. I think it might have to do with spyware on my computer.

 

OTL logfile created on: 6/6/2014 12:28:51 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = A:\Users\Terry\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.98 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 45.29% Memory free
11.26 Gb Paging File | 8.39 Gb Available in Paging File | 74.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 36.95 Gb Free Space | 33.08% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 761.63 Gb Free Space | 81.76% Space Free | Partition Type: NTFS
 
Computer Name: TERRY-PC | User Name: terry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/06 00:28:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- A:\Users\Terry\Downloads\OTL.exe
PRC - [2014/05/29 10:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- F:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/05/19 16:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/01/20 11:10:14 | 000,746,904 | ---- | M] (OpenVPN Technologies, Inc) -- A:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe
PRC - [2014/01/20 11:10:14 | 000,017,816 | ---- | M] (OpenVPN Technologies, Inc) -- A:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe
PRC - [2014/01/09 22:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/12/10 04:11:08 | 000,317,792 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
PRC - [2013/08/07 02:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/12/18 15:29:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysWOW64\UTSCSI.EXE
PRC - [2012/12/18 12:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/07 01:30:11 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/17 00:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2011/08/17 00:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- F:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/04/22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2010/02/19 05:04:32 | 000,528,512 | -H-- | M] (Cisco Consumer Products LLC) -- C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
PRC - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/29 10:37:34 | 002,139,840 | ---- | M] () -- F:\Program Files (x86)\Steam\video.dll
MOD - [2014/05/29 10:36:54 | 001,116,864 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/05/29 10:36:54 | 000,131,264 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\audio.dll
MOD - [2014/05/16 18:36:10 | 000,756,224 | ---- | M] () -- F:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/05/14 06:23:10 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/13 16:40:54 | 000,414,536 | ---- | M] () -- C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 16:40:50 | 004,217,672 | ---- | M] () -- C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 16:40:45 | 000,716,616 | ---- | M] () -- C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/13 16:40:44 | 000,126,280 | ---- | M] () -- C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/13 16:40:43 | 001,732,424 | ---- | M] () -- C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2014/05/01 16:35:22 | 020,628,160 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/04/29 17:08:08 | 001,135,104 | ---- | M] () -- F:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014/04/29 17:08:08 | 000,471,552 | ---- | M] () -- F:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/04/29 17:08:08 | 000,404,992 | ---- | M] () -- F:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014/04/29 17:08:08 | 000,340,992 | ---- | M] () -- F:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/04/28 17:37:22 | 000,519,168 | ---- | M] () -- F:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014/01/09 22:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014/01/09 22:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/06/14 16:49:16 | 000,153,088 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\mssvoice.asi
MOD - [2013/06/14 16:49:16 | 000,071,680 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\mssmp3.asi
MOD - [2013/06/14 16:49:12 | 001,100,800 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 16:49:12 | 000,192,000 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 16:49:12 | 000,124,416 | ---- | M] () -- F:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/11/25 19:01:42 | 000,041,984 | ---- | M] () -- A:\Program Files (x86)\FFsplit\FFsource.ax
MOD - [2012/08/17 00:16:56 | 000,121,856 | ---- | M] () -- A:\Program Files (x86)\FFsplit\FFSplit Overlay Filter.ax
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012/04/30 00:55:48 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swresample-0.dll
MOD - [2012/04/30 00:55:45 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avcodec-54.dll
MOD - [2012/04/30 00:55:45 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avformat-54.dll
MOD - [2012/04/30 00:55:45 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swscale-2.dll
MOD - [2012/04/30 00:55:45 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avutil-51.dll
MOD - [2012/03/08 20:11:36 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010/04/06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/19 16:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/14 06:23:10 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/10 03:52:03 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/07 20:18:42 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/01/20 11:10:14 | 000,017,816 | ---- | M] (OpenVPN Technologies, Inc) [Auto | Running] -- A:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe -- (ptservice)
SRV - [2013/12/10 04:11:08 | 000,317,792 | ---- | M] (Steganos Software GmbH) [Auto | Running] -- C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe -- (OkayFreedom VPN Starter Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/07 02:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/05/13 04:56:02 | 002,245,232 | ---- | M] (Giraffic) [Auto | Stopped] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2012/12/18 15:29:16 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\UTSCSI.EXE -- (UTSCSI)
SRV - [2012/12/18 12:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/16 04:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- A:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/12/07 01:30:11 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/10/22 00:12:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/12/01 22:38:50 | 000,014,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/19 05:04:32 | 000,528,512 | -H-- | M] (Cisco Consumer Products LLC) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe -- (RaAutoInstSrv_AM10)
SRV - [2009/10/20 11:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/20 02:07:47 | 000,054,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin64a.sys -- (Pcouffin64)
DRV:64bit: - [2014/05/19 19:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/01/20 10:38:30 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ptun0901.sys -- (ptun0901)
DRV:64bit: - [2014/01/14 15:50:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/09/05 17:32:43 | 000,090,624 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2013/09/04 02:42:48 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/01/17 12:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/08/17 00:01:22 | 000,110,592 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2012/08/17 00:01:20 | 000,021,504 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2012/07/09 14:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/05/22 16:56:34 | 000,112,128 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:64bit: - [2012/05/21 08:14:32 | 000,034,944 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SAlpham64.sys -- (SAlphamHid)
DRV:64bit: - [2012/03/26 15:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/04 16:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/12/10 13:08:48 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/07/25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/07/20 14:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011/03/28 17:15:00 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AE1200w764.sys -- (Linksys_adapter_H)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/07 02:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/03/07 02:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/01/13 04:58:00 | 000,413,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/01 01:16:34 | 000,013,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/08/12 19:26:16 | 001,310,720 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/02/13 05:36:42 | 001,101,600 | -H-- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\am10w7.sys -- (AM10)
DRV:64bit: - [2009/12/21 22:50:00 | 000,007,552 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vHidDev.sys -- (vhidmini)
DRV:64bit: - [2009/11/23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/10/30 11:53:50 | 000,010,880 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Abyssus.sys -- (Abyssus)
DRV:64bit: - [2009/10/20 11:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/13 17:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/05/30 17:42:12 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/12/16 04:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- A:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/05/15 10:12:31 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/03/11 00:27:53 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010/03/22 12:19:50 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 23 18 91 F8 74 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..extensions.enabledAddons: %7B9c51bd27-6ed8-4000-a2bf-36cb95c0c947%7D:11.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: A:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: A:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\terry\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@raidcall.kr/RCplugin: C:\Users\terry\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\BYOND: A:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\terry\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\terry\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\terry\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\terry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/14 06:11:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/10 03:52:01 | 000,000,000 | ---D | M]
 
[2011/12/10 22:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Extensions
[2014/06/05 22:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions
[2014/04/29 03:08:34 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\[email protected]
[2014/01/05 20:15:48 | 000,020,502 | ---- | M] () (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\[email protected]
[2014/05/12 03:05:18 | 003,570,288 | ---- | M] () (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\[email protected]
[2013/06/04 10:43:39 | 000,080,872 | ---- | M] () (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
[2014/06/04 21:19:24 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/12/05 08:22:54 | 000,769,830 | ---- | M] () (No name found) -- C:\Users\terry\AppData\Roaming\Mozilla\Firefox\Profiles\lzu6ryzk.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
[2014/05/10 03:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/10 03:52:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/15 17:03:52 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\terry\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BYOND stub plugin for Mozilla (Enabled) = A:\Program Files (x86)\BYOND\bin\npbyond.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = A:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = A:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\terry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\terry\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\terry\AppData\Roaming\RCKR\plugins\nprcplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: OkayFreedom = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd\1.2.0_0\
CHR - Extension: Adblock Plus = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_1\
CHR - Extension: FVD Downloader = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.8.3_0\
CHR - Extension: Google Wallet = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Grooveshark Downloader = C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooblpjoncpjmbncgocjlnannofkjjhnp\3.4.2_0\
 
O1 HOSTS File: ([2014/06/05 22:18:30 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Greenshot] A:\Program Files\Greenshot\Greenshot.exe (Greenshot)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [DivXMediaServer] A:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NBKeyScan] A:\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Hyperdesktop] C:\Users\terry\AppData\Roaming\Hyperdesktop\hyperdesktop.exe (Hyperdesktop)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SandboxieControl] A:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Steam] F:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.144.93 64.59.150.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36855C26-5310-4E3D-9255-9BD223ADE5E3}: DhcpNameServer = 64.59.144.93 64.59.150.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41E1FF7A-390B-47DC-A0DC-3A228374DBBF}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FBDB9F-C653-47CE-BB82-916FE1E5B1AF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63D23D4F-BC51-4C6F-A95E-8330DF67186E}: DhcpNameServer = 64.59.144.93 64.59.150.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6831C16F-4B1F-456B-B5E1-7C9213935103}: DhcpNameServer = 64.59.144.93 64.59.150.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75E05F4C-EF9D-484C-BCB4-B9BBAFE85C75}: DhcpNameServer = 64.59.144.91 64.59.150.137
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{797B3E40-D43F-4B36-8D1F-081F47D6747E}: DhcpNameServer = 64.59.144.91 64.59.150.137
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DD52480-4008-4E7C-882D-4C46E1700C19}: DhcpNameServer = 64.59.144.93 64.59.150.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89298873-670E-4331-81A3-EDD9547DC871}: DhcpNameServer = 64.59.144.91 64.59.150.137
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F29EE05-137D-4622-80A6-0A604CAA58A3}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1453C9B-D56F-4719-9997-2F9F10D2A337}: DhcpNameServer = 192.168.1.254 75.153.176.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D95BF8A6-F97C-4561-9D37-68EE112D4D99}: DhcpNameServer = 64.59.144.93 64.59.150.139
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/05 22:19:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/05 22:19:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/06/02 04:00:09 | 000,000,000 | ---D | C] -- C:\Users\terry\AppData\Local\SkinSoft
[2014/06/01 03:32:12 | 000,000,000 | ---D | C] -- C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
[2014/05/31 00:01:48 | 000,000,000 | ---D | C] -- C:\Users\terry\AppData\Roaming\Watch Dogs
[2014/05/31 00:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2014/05/30 17:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/05/30 17:50:58 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/05/30 17:50:58 | 000,052,056 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/05/30 17:18:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/05/23 16:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betcoin Poker
[2014/05/20 02:45:59 | 000,000,000 | ---D | C] -- C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Car music DVD Burner
[2014/05/20 02:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Car music DVD Burner
[2014/05/20 02:07:47 | 000,054,816 | ---- | C] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin64a.sys
[2014/05/20 02:07:46 | 000,000,000 | ---D | C] -- A:\Users\Terry\Documents\PcSetup
[2014/05/20 02:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio DVD Creator
[2014/05/10 03:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/08 17:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/06 00:28:00 | 000,000,538 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-816131170-1439977655-1545633551-1000.job
[2014/06/06 00:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/06 00:20:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/05 23:40:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-816131170-1439977655-1545633551-1000UA.job
[2014/06/05 22:25:53 | 003,108,064 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/05 22:25:53 | 000,948,788 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/05 22:25:53 | 000,190,490 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/05 22:25:53 | 000,157,312 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2014/06/05 22:25:53 | 000,036,616 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2014/06/05 22:25:53 | 000,015,326 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2014/06/05 22:25:53 | 000,005,070 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2014/06/05 22:18:30 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/06/05 22:11:30 | 005,205,146 | R--- | M] (Swearware) -- C:\Users\terry\Desktop\ComboFix.exe
[2014/06/05 16:40:27 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/05 16:40:15 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/05 14:40:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-816131170-1439977655-1545633551-1000Core.job
[2014/06/05 11:20:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/04 15:56:34 | 000,000,221 | ---- | M] () -- C:\Users\terry\Desktop\Sniper Elite V2.url
[2014/06/01 03:32:12 | 000,001,290 | ---- | M] () -- C:\Users\terry\Desktop\CopyTrans Control Center.lnk
[2014/05/31 00:01:48 | 000,000,967 | ---- | M] () -- C:\Users\terry\Desktop\Watch Dogs.lnk
[2014/05/30 17:52:34 | 000,002,748 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014/05/30 17:49:17 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/30 17:49:17 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/30 17:42:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/30 17:42:05 | 3207,946,240 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/24 04:42:12 | 000,002,328 | ---- | M] () -- C:\Users\terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/24 04:42:12 | 000,002,326 | ---- | M] () -- C:\Users\terry\Desktop\Google Chrome.lnk
[2014/05/23 16:26:50 | 000,000,657 | ---- | M] () -- C:\Users\Public\Desktop\Betcoin Poker.lnk
[2014/05/20 02:45:59 | 000,000,812 | ---- | M] () -- C:\Users\terry\Desktop\Car music DVD Burner.lnk
[2014/05/20 02:26:05 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2014/05/20 02:08:03 | 000,000,000 | ---- | M] () -- C:\Windows\AudioDVD.INI
[2014/05/20 02:07:47 | 000,054,816 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin64a.sys
[2014/05/20 02:07:46 | 000,000,772 | ---- | M] () -- C:\Users\terry\Desktop\Audio DVD Creator.lnk
[2014/05/19 19:44:03 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/05/19 19:44:03 | 000,052,056 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/05/19 19:44:03 | 000,026,069 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/05/14 16:49:42 | 003,774,821 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2014/06/04 15:56:34 | 000,000,221 | ---- | C] () -- C:\Users\terry\Desktop\Sniper Elite V2.url
[2014/05/31 00:01:48 | 000,000,967 | ---- | C] () -- C:\Users\terry\Desktop\Watch Dogs.lnk
[2014/05/30 17:51:01 | 003,774,821 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/05/30 17:49:56 | 000,026,069 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/05/23 16:26:50 | 000,000,657 | ---- | C] () -- C:\Users\Public\Desktop\Betcoin Poker.lnk
[2014/05/20 02:45:59 | 000,000,812 | ---- | C] () -- C:\Users\terry\Desktop\Car music DVD Burner.lnk
[2014/05/20 02:08:03 | 000,000,000 | ---- | C] () -- C:\Windows\AudioDVD.INI
[2014/05/20 02:07:46 | 000,000,772 | ---- | C] () -- C:\Users\terry\Desktop\Audio DVD Creator.lnk
[2014/05/19 05:47:36 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2014/05/01 15:22:45 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2014/05/01 15:22:40 | 000,001,024 | ---- | C] () -- C:\Users\terry\.rnd
[2014/02/09 14:23:53 | 000,003,016 | ---- | C] () -- C:\Windows\SysWow64\EasyRedirect.ini
[2014/02/09 14:23:53 | 000,001,696 | ---- | C] () -- C:\Windows\SysWow64\EasyRedirectOff.ini
[2013/06/29 11:35:54 | 000,000,132 | ---- | C] () -- C:\Users\terry\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2013/02/16 17:06:02 | 000,002,748 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/01/22 10:09:28 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/01/20 18:56:24 | 000,000,079 | ---- | C] () -- C:\Windows\ENX130.ini
[2013/01/15 04:36:54 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/12/18 15:29:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2012/12/07 01:30:11 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/12/07 01:30:11 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/12/05 19:34:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/05 19:34:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/05 19:34:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/05 19:34:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/05 19:34:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/04 18:49:34 | 000,249,344 | ---- | C] () -- C:\Windows\SysWow64\imsised.exe
[2012/11/04 18:49:33 | 000,070,656 | ---- | C] () -- C:\Windows\SysWow64\imsfchk.dll
[2012/08/25 02:43:39 | 000,000,132 | ---- | C] () -- C:\Users\terry\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/08/08 18:17:32 | 000,001,038 | ---- | C] () -- C:\Users\terry\AppData\Roaming\MPQEditor.ini
[2012/04/18 16:05:55 | 000,007,605 | ---- | C] () -- C:\Users\terry\AppData\Local\Resmon.ResmonCfg
[2012/03/19 11:14:23 | 000,003,584 | ---- | C] () -- C:\Users\terry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/07/11 05:13:48 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Activision
[2012/11/04 17:50:38 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\aHisoft
[2012/11/04 18:53:09 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Anvil Studio
[2014/02/28 01:41:01 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Audacity
[2014/01/31 11:26:41 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Battle.net
[2012/11/06 00:39:03 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Character Creator
[2014/02/18 00:49:19 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/11/17 13:53:56 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\DAEMON Tools Pro
[2012/09/14 00:32:25 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\DarknessII
[2012/02/22 15:06:09 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Downloaded Installations
[2012/11/04 17:44:11 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\dream-mp3-to-midi-converter
[2013/01/21 10:47:59 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Epson
[2014/05/26 19:08:10 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\foobar2000
[2014/01/24 16:22:58 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Greenshot
[2012/11/28 18:59:20 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Hyperdesktop
[2013/11/13 07:01:34 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\iDealshare VideoGo
[2013/01/20 19:00:14 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Leadertech
[2011/12/27 18:43:40 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Lionhead Studios
[2012/06/21 14:10:56 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\LolClient
[2012/06/16 22:35:05 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\LolClient2
[2013/08/16 00:13:59 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Mumble
[2013/08/13 17:06:33 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Natural Selection 2
[2012/02/07 17:42:49 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\NetMedia Providers
[2013/09/05 17:27:36 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\OBS
[2013/08/07 17:38:32 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Origin
[2012/12/24 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\PacificPoker
[2013/11/08 21:58:20 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Publish Providers
[2014/05/06 17:10:14 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\raidcall
[2012/11/28 23:43:05 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\RCKR
[2012/03/13 12:50:11 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Research In Motion
[2013/07/12 02:47:22 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Screaming Bee
[2012/02/07 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Sony
[2011/12/16 02:23:08 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\SplitMediaLabs
[2013/06/03 13:48:41 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Spotify
[2012/02/08 11:58:40 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\SteelSeries
[2014/02/09 15:04:31 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Steganos
[2014/02/09 15:05:30 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Steganos VPN
[2012/03/19 23:59:11 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Subversion
[2012/11/04 19:16:27 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\SynthMaker
[2014/02/17 20:25:41 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\TeamViewer
[2011/12/25 07:10:06 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Trine2
[2014/05/16 21:21:14 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\TS3Client
[2012/12/13 20:04:09 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Unity
[2014/06/04 12:30:10 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\uTorrent
[2014/05/31 00:01:48 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\Watch Dogs
[2013/09/19 23:41:28 | 000,000,000 | ---D | M] -- C:\Users\terry\AppData\Roaming\WindSolutions
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012/06/07 17:31:01 | 000,001,870 | ---- | M] ()(C:\Users\terry\Desktop\????.lnk) -- C:\Users\terry\Desktop\星际大脚.lnk
[2012/06/07 17:31:01 | 000,001,870 | ---- | C] ()(C:\Users\terry\Desktop\????.lnk) -- C:\Users\terry\Desktop\星际大脚.lnk
[2011/12/11 00:19:50 | 000,001,870 | ---- | M] ()(C:\Users\Public\Desktop\????.lnk) -- C:\Users\Public\Desktop\星际大脚.lnk
[2011/12/11 00:19:50 | 000,001,870 | ---- | C] ()(C:\Users\Public\Desktop\????.lnk) -- C:\Users\Public\Desktop\星际大脚.lnk
(C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\«???? II») -- C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\《星海爭霸 II》
(C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?????? II) -- C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\스타크래프트 II
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\178???) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\178游戏网
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????? II) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\스타크래프트 II
 
< End of report >
 
