Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Particularly stubborn malware prevents internet access

Started by Noctis4 , Jun 11 2014 12:46 PM

Please log in to reply

#16
Noctis4

Posted 14 June 2014 - 02:12 PM

Member

Topic Starter
Member
27 posts

Yes the page fails to load and I get the "sad face" page and at the bottom it says:

Error code: ERR_CONNECTION_RESET

#17
Noctis4

Posted 14 June 2014 - 02:13 PM

Member

Topic Starter
Member
27 posts

Oh I should also mention that some other times when it fails to load a page, it will instead say:

Error code: ERR_TIMED_OUT

#18
zep516

Posted 14 June 2014 - 02:20 PM

Trusted Helper

Malware Removal
8,093 posts

Can you ping Google.com

Click start, in the search field type cmd in the results right click cmd, run as administrator, in the command window type

Ping Google .com

Do you get a series of replies ?

Reference link--->http://www.mediacoll...ooter/ping.html

#19
Noctis4

Posted 14 June 2014 - 02:30 PM

Member

Topic Starter
Member
27 posts

Alright, this is what it sent back:

Pinging Google.com [2607:f8b0:400f:801::1003] with 32 bytes of data:

Reply from 2607:f8b0:400f:801::1003: time=62ms

Reply from 2607:f8b0:400f:801::1003: time=57ms

Ping statistics for 2607:f8b0:400f:801::1003:

Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>,

Approximate round trip times in milli-seconds:

Minimum = 57ms, Maximum = 62ms, Average = 58ms

#20
zep516

Posted 14 June 2014 - 02:39 PM

Trusted Helper

Malware Removal
8,093 posts

The most likely program to mess the internet up is Firewall or Anti virus, booting to safemode with networking eliminates those programs. You have already tried that correct? Connecting to a web site in safe mode with networking and there is no difference right?

#21
Noctis4

Posted 14 June 2014 - 02:52 PM

Member

Topic Starter
Member
27 posts

Just tried again and no, there is no difference.

#22
zep516

Posted 14 June 2014 - 02:56 PM

Trusted Helper

Malware Removal
8,093 posts

Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (Only Problems)
List Minidump Files
List Restore Points

Click Go and post the result.

Next

Please download FarbarServiceScanner and run it on the computer with the issue.

Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

In you next reply:

Post the minitoolbox log
Post the farber log.

#23
Noctis4

Posted 14 June 2014 - 03:03 PM

Member

Topic Starter
Member
27 posts

Ok here ya go:

MiniToolBox by Farbar Version: 13-06-2014

Ran by Mark (administrator) on 14-06-2014 at 16:59:58

Running from "C:\Users\Mark\Downloads"

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection 2 (Connected)

D-Link DWA-556 Xtreme N PCIe Desktop Adapter = Wireless Network Connection 2 (Connected)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Mark-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.

Description . . . . . . . . . . . : D-Link DWA-556 Xtreme N PCIe Desktop Adapter

Physical Address. . . . . . . . . : 00-26-5A-BF-0A-B1

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:998b:77c9:7300:bed2(Preferred)

Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:f9f6:2167:7d5a:7b95(Preferred)

Link-local IPv6 Address . . . . . : fe80::998b:77c9:7300:bed2%23(Preferred)

IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Saturday, June 14, 2014 4:46:04 PM

Lease Expires . . . . . . . . . . : Saturday, June 21, 2014 4:46:06 PM

Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%23

10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DHCPv6 IAID . . . . . . . . . . . : 486549082

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-92-4D-7F-00-1B-21-CB-CC-C0

DNS Servers . . . . . . . . . . . : 2001:558:feed::1

2001:558:feed::2

75.75.75.75

75.75.76.76

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.

Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet

Physical Address. . . . . . . . . : 00-25-22-D0-B8-4D

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:65ca:9df5:8028:b975(Preferred)

Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:10f0:9bca:f650:a2d9(Preferred)

Link-local IPv6 Address . . . . . : fe80::65ca:9df5:8028:b975%13(Preferred)

IPv4 Address. . . . . . . . . . . : 10.0.0.12(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Saturday, June 14, 2014 4:46:04 PM

Lease Expires . . . . . . . . . . : Saturday, June 21, 2014 4:46:04 PM

Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%13

10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DHCPv6 IAID . . . . . . . . . . . : 318776610

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-92-4D-7F-00-1B-21-CB-CC-C0

DNS Servers . . . . . . . . . . . : 2001:558:feed::1

2001:558:feed::2

75.75.75.75

75.75.76.76

NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:20a7:3514:ba09:5a9c(Preferred)

Link-local IPv6 Address . . . . . : fe80::20a7:3514:ba09:5a9c%19(Preferred)

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Server: cdns01.comcast.net

Address: 2001:558:feed::1

Name: google.com

Addresses: 2607:f8b0:4000:800::1002

173.194.115.41

173.194.115.40

173.194.115.32

173.194.115.39

173.194.115.35

173.194.115.33

173.194.115.36

173.194.115.37

173.194.115.46

173.194.115.34

173.194.115.38

Pinging google.com [2607:f8b0:4000:807::1005] with 32 bytes of data:

Reply from 2607:f8b0:4000:807::1005: time=31ms

Reply from 2607:f8b0:4000:807::1005: time=45ms

Ping statistics for 2607:f8b0:4000:807::1005:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 31ms, Maximum = 45ms, Average = 38ms

Server: cdns01.comcast.net

Address: 2001:558:feed::1

Name: yahoo.com

Addresses: 98.139.183.24

206.190.36.45

98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=91ms TTL=47

Reply from 98.139.183.24: bytes=32 time=66ms TTL=45

Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 66ms, Maximum = 91ms, Average = 78ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

23...00 26 5a bf 0a b1 ......D-Link DWA-556 Xtreme N PCIe Desktop Adapter

13...00 25 22 d0 b8 4d ......Broadcom NetLink ™ Gigabit Ethernet

1...........................Software Loopback Interface 1

19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 25

0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.12 10

10.0.0.0 255.255.255.0 On-link 10.0.0.5 281

10.0.0.0 255.255.255.0 On-link 10.0.0.12 266

10.0.0.5 255.255.255.255 On-link 10.0.0.5 281

10.0.0.12 255.255.255.255 On-link 10.0.0.12 266

10.0.0.255 255.255.255.255 On-link 10.0.0.5 281

10.0.0.255 255.255.255.255 On-link 10.0.0.12 266

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 10.0.0.12 266

224.0.0.0 240.0.0.0 On-link 10.0.0.5 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 10.0.0.12 266

255.255.255.255 255.255.255.255 On-link 10.0.0.5 281

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

13 266 ::/0 fe80::ea89:2cff:fe66:6ba1

23 281 ::/0 fe80::ea89:2cff:fe66:6ba1

1 306 ::1/128 On-link

19 58 2001::/32 On-link

19 306 2001:0:5ef5:79fb:20a7:3514:ba09:5a9c/128

On-link

13 18 2601:5:c480:16f::/64 On-link

23 33 2601:5:c480:16f::/64 On-link

13 266 2601:5:c480:16f:10f0:9bca:f650:a2d9/128

On-link

13 266 2601:5:c480:16f:65ca:9df5:8028:b975/128

On-link

23 281 2601:5:c480:16f:998b:77c9:7300:bed2/128

On-link

23 281 2601:5:c480:16f:f9f6:2167:7d5a:7b95/128

On-link

13 266 fe80::/64 On-link

23 281 fe80::/64 On-link

19 306 fe80::/64 On-link

19 306 fe80::20a7:3514:ba09:5a9c/128

On-link

13 266 fe80::65ca:9df5:8028:b975/128

On-link

23 281 fe80::998b:77c9:7300:bed2/128

On-link

1 306 ff00::/8 On-link

19 306 ff00::/8 On-link

13 266 ff00::/8 On-link

23 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (06/14/2014 04:46:08 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 04:44:56 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 04:42:19 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 02:43:30 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 02:36:38 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 02:26:06 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 01:22:40 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 01:21:14 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 03:22:51 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 00:31:07 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

System errors:

=============

Error: (06/14/2014 04:46:05 PM) (Source: Service Control Manager) (User: )

Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:

%%193

Error: (06/14/2014 04:46:05 PM) (Source: Service Control Manager) (User: )

Description: The MBAMScheduler service failed to start due to the following error:

%%5

Error: (06/14/2014 04:45:59 PM) (Source: Service Control Manager) (User: )

Description: The MBAMProtector service failed to start due to the following error:

%%193

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:36 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (06/14/2014 04:43:34 PM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Microsoft Office Sessions:

=========================

Error: (06/14/2014 04:46:08 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 04:44:56 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 04:42:19 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 02:43:30 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 02:36:38 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 02:26:06 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 01:22:40 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 01:21:14 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/14/2014 03:22:51 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2014 00:31:07 AM) (Source: SideBySide)(User: )

Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

=========================== Installed Programs ============================

4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden

4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden

4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)

Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)

Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

APN Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com)

Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com)

ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)

ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )

ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )

AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)

Baldur's Gate (HKLM-x32\...\Baldur's Gate) (Version: - )

Baldur's Gate Complete (HKLM-x32\...\Baldur's Gate Complete) (Version: - GameStop)

Baldur's Gate II - Shadows of Amn + Throne Bhaal (HKLM-x32\...\Baldur's Gate II - Shadows of Amn + Throne Bhaal) (Version: - GameStop)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Beneath a Steel Sky (HKLM-x32\...\Beneath a Steel Sky_is1) (Version: - GOG.com)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)

BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden

CenturyLink Help (HKLM-x32\...\CLink) (Version: - )

Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)

Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1611_37043 - CyberLink Corp.)

CyberLink MediaEspresso (x32 Version: 6.5.1611_37043 - CyberLink Corp.) Hidden

Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden

Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)

Dishonored (HKLM-x32\...\Steam App 205100) (Version: - )

DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden

DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

Dragonsphere (HKLM-x32\...\Dragonsphere_is1) (Version: - GOG.com)

DWA-556 (HKLM-x32\...\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}) (Version: 1.20b01 - D-Link)

Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)

Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden

Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden

FINAL FANTASY XI (x32 Version: 1.010.0 - SQUARE ENIX CO., LTD.) Hidden

FINAL FANTASY XI: Chains of Promathia (x32 Version: 1.27.0 - SQUARE ENIX CO., LTD.) Hidden

FINAL FANTASY XI: Rise of the Zilart (x32 Version: 1.18.0 - SQUARE ENIX CO., LTD.) Hidden

FINAL FANTASY XI: Treasures of Aht Urhgan (x32 Version: 1.35.0 - SQUARE ENIX CO., LTD.) Hidden

FINAL FANTASY XI: Wings of the Goddess (x32 Version: 1.42.0 - SQUARE ENIX CO., LTD.) Hidden

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)

HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)

HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)

HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)

HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)

HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

Icewind Dale - Heart of Winter (HKLM-x32\...\{433BF933-81D6-4646-A318-3DE5DB6108F2}) (Version: - )

Icewind Dale (HKLM-x32\...\Icewind Dale) (Version: - )

Icewind Dale Complete (HKLM-x32\...\Icewind Dale Complete) (Version: - GameStop)

Icewind Dale II (HKLM-x32\...\{588C135F-0B15-4A02-8F2D-04697BE2904E}) (Version: 1.00.000 - Black Isle)

Icewind Dale II (HKLM-x32\...\Icewind Dale II) (Version: - GameStop)

Impulse® (HKLM-x32\...\Impulse®) (Version: 3.30 - GameStop)

Impulse® (x32 Version: 3.30 - GameStop) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)

iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)

Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java™ 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)

jZip (HKLM-x32\...\jZip) (Version: - Bandoo Media Inc.)

Lure of the Temptress (HKLM-x32\...\Lure of the Temptress_is1) (Version: - GOG.com)

MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden

marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.161.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.0.161.0 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Neverwinter Nights 2 (HKLM-x32\...\Neverwinter Nights 2) (Version: - GameStop)

Neverwinter Nights Diamond (HKLM-x32\...\Neverwinter Nights Diamond) (Version: - GameStop)

NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden

NVIDIA Supersonic Sled demo (HKLM-x32\...\Supersonic Sled) (Version: - )

NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)

OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)

Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)

Planescape Torment (HKLM-x32\...\Planescape Torment) (Version: - GameStop)

PlayOnline Viewer & Tetra Master (HKLM-x32\...\InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)

PlayOnline Viewer & Tetra Master (x32 Version: 1.18.00 - SQUARE ENIX CO., LTD.) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)

Rosewill Wireless Network 11N PCI adapter RNX-N300 (HKLM-x32\...\{E0827C2F-E482-41FF-8921-9077AABA666F}) (Version: 1.0.10.0 - Rosewill)

Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)

Saitek Cyborg Keyboard Volume 6.2.1.3 (HKLM\...\{34280DB1-8558-4709-AB7E-62A572C03355}) (Version: 6.2.1.3 - Saitek)

Saitek SD6 Programming Software 6.2.1.3 (HKLM\...\{315ADCE4-CCD6-49FC-BB26-D14E82E6AD7F}) (Version: 6.2.1.3 - Saitek)

Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.13.1.47 - Client Connect LTD)

SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)

Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)

Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)

SimCity™ Societies (HKLM-x32\...\{9B0F9788-3141-4009-846E-52E59843E963}) (Version: 1.0.0.0 - Electronic Arts)

SimCity™ Societies (x32 Version: 1.0.0.0 - Electronic Arts) Hidden

SimCity™ Societies Destinations (HKLM-x32\...\{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}) (Version: 1.0.0.1 - Electronic Arts)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden

Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)

Splashtop Connect IE (HKLM-x32\...\{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}) (Version: 1.1.12.1 - Splashtop Inc.)

StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)

StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)

Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )

Teenagent (HKLM-x32\...\Teenagent_is1) (Version: - GOG.com)

Temple of Elemental Evil (HKLM-x32\...\Temple of Elemental Evil) (Version: - GameStop)

TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.36 - En Masse Entertainment)

Terraria (HKLM-x32\...\Steam App 105600) (Version: - )

The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)

The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\The Witcher Enhanced Edition Director's Cut_is1) (Version: - GOG.com)

TidyNetwork.com (HKCU\...\TidyNetwork.com) (Version: - TidyNetwork.com)

TomTom HOME 2.8.3.2499 (HKLM-x32\...\TomTom HOME) (Version: 2.8.3.2499 - TomTom)

TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)

Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden

TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden

Tyrian 2000 (HKLM-x32\...\Tyrian 2000_is1) (Version: - GOG.com)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)

Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)

WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden

WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

XFastUsb (HKLM-x32\...\XFastUsb) (Version: - )

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 12%

Total physical RAM: 16296.57 MB

Available physical RAM: 14183.77 MB

Total Pagefile: 32591.32 MB

Available Pagefile: 30262.13 MB

Total Virtual: 4095.88 MB

Available Virtual: 3960.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:147.46 GB) NTFS

2 Drive d: (GW2_DVD1) (CDROM) (Total:7.84 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\MARK-PC

Administrator Guest Mark

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

29-05-2014 18:59:01 Removed DWA-556

29-05-2014 20:42:14 Installed DWA-556

30-05-2014 02:54:26 Windows Update

10-06-2014 14:03:02 Scheduled Checkpoint

12-06-2014 18:25:56 OTL Restore Point - 6/12/2014 1:25:54 PM

13-06-2014 21:20:16 Removed League of Legends

13-06-2014 21:21:37 Removed LogMeIn Hamachi

13-06-2014 21:58:02 OTL Restore Point - 6/13/2014 4:58:02 PM

14-06-2014 05:31:19 Windows Update

14-06-2014 08:00:13 Windows Update

14-06-2014 18:20:40 OTL Restore Point - 6/14/2014 1:20:38 PM

**** End of log ****

Farbar Service Scanner Version: 10-06-2014

Ran by Mark (administrator) on 14-06-2014 at 17:01:53

Running from "C:\Users\Mark\Downloads"

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

#24
Noctis4

Posted 14 June 2014 - 03:05 PM

Member

Topic Starter
Member
27 posts

Oh, and I'm running these programs on my faulty computer while connected via Ethernet. I don't know if that makes a difference or not but I can rerun the tests after unplugging it if need be....

#25
zep516

Posted 14 June 2014 - 08:12 PM

Trusted Helper

Malware Removal
8,093 posts

Hello,

We need to do a fix to delete some files using OTL

Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.

Under the Custom Scans/Fixes box at the bottom, paste in the following

:COMMANDS
[CREATERESTOREPOINT]

:OTL
SRV - [2014/04/27 22:19:16 | 001,801,240 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe -- (vToolbarUpdater18.1.0)
DRV:64bit: - [2014/04/27 22:19:16 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
CHR - Extension: BrowserPlus2 = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\
CHR - Extension: BrowserPlus2 = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\nativeMessaging\nmHost
O4 - HKLM..\Run: [SmartViewAgent] "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe" File not found
O4 - HKCU..\Run: [ASRockXTU]  File not found
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O1364bit: - gopher Prefix: missing
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{57ada66b-e93a-11e2-8d81-002522d0b84d}\Shell - "" = AutoRun
O33 - MountPoints2\{57ada66b-e93a-11e2-8d81-002522d0b84d}\Shell\AutoRun\command - "" = E:\VerizonSWUpgradeAssistantLauncher.exe
O33 - MountPoints2\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Gw2Setup.exe -- [2012/06/15 16:42:27 | 021,760,064 | R--- | M] (ArenaNet)
O33 - MountPoints2\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\Shell - "" = AutoRun
O33 - MountPoints2\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true

:Files
C:\Program Files (x86)\Impulse\Now\SDSecurity.dll
ipconfig /flushdns /c
ipconfig /release /c
ipconfig /renew /c
netsh advfirewall reset /c
netsh winsock reset  /c
netsh int ipv4 reset  /c
netsh int ipv6 reset /c


:Commands
[emptytemp]

Make sure all other windows are closed.
Click the Run Fix button at the top
Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
Post the log that is found in C:\_OTL\Moved Files in your next reply.
Open OTL again and click the Quick Scan button.

Please run these tools again,

Next

Please download AdwCleaner by Xplode onto your Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the Report button and the report will open in Notepad.
NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleaner

Next

Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In you next reply

1- Post the otl fix log
2- Post a New OTL after quick scan
3- Post the AdwCleaner [so].txt log
4- Post the JRT Log.

Thanks
Joe

#26
Noctis4

Posted 15 June 2014 - 08:24 AM

Member

Topic Starter
Member
27 posts

Ok, here are all the scans' logs.

Attached Files

06152014_080302.log 58.21KB 225 downloads
AdwCleanerS0.txt 29.51KB 188 downloads
JRT.txt 1.13KB 204 downloads
OTLafter.txt 95.79KB 188 downloads

#27
zep516

Posted 15 June 2014 - 09:28 AM

Trusted Helper

Malware Removal
8,093 posts

Hello,
Don't attach logs makes more work, I will copy them all in so there all in one place. Let me look them over.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service vToolbarUpdater18.1.0 stopped successfully!
Service vToolbarUpdater18.1.0 deleted successfully!
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe moved successfully.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\SysNative\drivers\avgtpx64.sys moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\_locales\en folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\_locales folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\sl folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\lib folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\core folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\wa folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\menu\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\menu\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\menu folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\gf\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\gf\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\gf folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\dlg\restart\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\dlg\restart folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ui folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\sp folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\options\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\options\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\options\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\options folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\msd folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\api folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ac\res folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ac\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ac\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\ac folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\aboutBox\images folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al\aboutBox folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb\al folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\tb folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages\html folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages\css folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\NewTabPages folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search\html folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\Search folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\plugins folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\nativeMessaging folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\mam\scripts\contentScripts folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\mam\scripts folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\mam folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js\toolbarAPI folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js\tabs\back folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js\tabs folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js\options folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js\lib folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\js folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\APISupport folder moved successfully.
C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0 folder moved successfully.
File C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.31.0.526_0\nativeMessaging\nmHost not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SmartViewAgent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
C:\Program Files (x86)\AVG Secure Search\vprot.exe moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.
File Protocol\Handler\viprotocol - No CLSID value found not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ not found.
Invalid CLSID key: C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
File C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57ada66b-e93a-11e2-8d81-002522d0b84d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57ada66b-e93a-11e2-8d81-002522d0b84d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57ada66b-e93a-11e2-8d81-002522d0b84d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57ada66b-e93a-11e2-8d81-002522d0b84d}\ not found.
File E:\VerizonSWUpgradeAssistantLauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6d6a144-9c05-11e0-879c-806e6f6e6963}\ not found.
File move failed. D:\Gw2Setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf2ce0ec-b7eb-11e1-b035-002522d0b84d}\ not found.
File "E:\WD SmartWare.exe" autoplay=true not found.
========== FILES ==========
C:\Program Files (x86)\Impulse\Now\SDSecurity.dll moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
Wireless LAN adapter Wireless Network Connection 2:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:998b:77c9:7300:bed2
Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:f9f6:2167:7d5a:7b95
Link-local IPv6 Address . . . . . : fe80::998b:77c9:7300:bed2%23
Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%23
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:65ca:9df5:8028:b975
Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:10f0:9bca:f650:a2d9
Link-local IPv6 Address . . . . . : fe80::65ca:9df5:8028:b975%13
Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%13
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3835:3e1:f5ff:fff3
Link-local IPv6 Address . . . . . : fe80::3835:3e1:f5ff:fff3%19
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.hsd1.fl.comcast.net.:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
Wireless LAN adapter Wireless Network Connection 2:
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:998b:77c9:7300:bed2
Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:f9f6:2167:7d5a:7b95
Link-local IPv6 Address . . . . . : fe80::998b:77c9:7300:bed2%23
IPv4 Address. . . . . . . . . . . : 10.0.0.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%23
10.0.0.1
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
IPv6 Address. . . . . . . . . . . : 2601:5:c480:16f:65ca:9df5:8028:b975
Temporary IPv6 Address. . . . . . : 2601:5:c480:16f:10f0:9bca:f650:a2d9
Link-local IPv6 Address . . . . . : fe80::65ca:9df5:8028:b975%13
IPv4 Address. . . . . . . . . . . : 10.0.0.12
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe66:6ba1%13
10.0.0.1
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.hsd1.fl.comcast.net.:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< netsh winsock reset /c >
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< netsh int ipv4 reset /c >
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
< netsh int ipv6 reset /c >
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
E:\cmd.bat deleted successfully.
E:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mark
->Temp folder emptied: 704286014 bytes
->Temporary Internet Files folder emptied: 6145452 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 32727110 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 17424984 bytes
%systemroot%\System32 (64bit) .tmp files removed: 22378576 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 79112 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 747.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06152014_080302

Files\Folders moved on Reboot...
File move failed. D:\Gw2Setup.exe scheduled to be moved on reboot.
File move failed. C:\Users\Mark\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395c8fd8a861_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Mark\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395c8fd8a861_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Mark\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\SysNative\SET26AC.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

# AdwCleaner v3.212 - Report created 15/06/2014 at 09:04:24
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - MARK-PC
# Running from : C:\Users\Mark\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SCBackService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Mark\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Mark\AppData\Local\TidyNetwork.com
Folder Deleted : C:\Users\Mark\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Mark\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3309350
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16555

-\\ Google Chrome v

[ File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={4D0EBBAE-6E9C-4334-A51B-64B2A6940515}&mid=677dddac94a847d0ac5cd16c643451be-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=ft011&pr=sa&d=2012-05-20 11:38:49&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11546320201311621&ctid=CT3309350&UM=2
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Extension] : iigplimlmgilpobjilfbfeilnpiigpgl

*************************

AdwCleaner[R0].txt - [30217 octets] - [11/06/2014 08:18:35]
AdwCleaner[S0].txt - [30045 octets] - [11/06/2014 08:19:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30106 octets] ##########

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mark on Sun 06/15/2014 at 9:11:40.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] wcuservice_stc_ie
Successfully deleted: [Service] wcuservice_stc_ie

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/15/2014 at 9:15:08.16
End of JRT

#28
zep516

Posted 15 June 2014 - 09:29 AM

Trusted Helper

Malware Removal
8,093 posts

Fresh OTL Log,

OTL logfile created on: 6/15/2014 9:17:58 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.91 Gb Total Physical Memory | 14.02 Gb Available Physical Memory | 88.12% Memory free
31.83 Gb Paging File | 29.85 Gb Available in Paging File | 93.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 147.22 Gb Free Space | 31.61% Space Free | Partition Type: NTFS
Drive D: | 7.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 931.48 Gb Total Space | 17.28 Gb Free Space | 1.86% Space Free | Partition Type: NTFS

Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/11 13:53:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2014/05/29 18:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/05/29 18:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/05/19 18:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/23 17:50:48 | 002,039,568 | ---- | M] (GameStop Corp.) -- C:\Program Files (x86)\Impulse\Now\GameStopNow.exe
PRC - [2012/01/22 23:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/12/24 16:46:39 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
PRC - [2011/08/20 14:18:10 | 000,225,280 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/20 22:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/15 06:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2009/06/24 12:26:48 | 001,839,104 | ---- | M] (Rosewill Inc.) -- C:\Program Files (x86)\Rosewill\Common\RaUI.exe
PRC - [2009/04/29 21:15:40 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Rosewill\Common\RegistryWriter.exe
PRC - [2008/07/21 17:35:46 | 030,143,744 | ---- | M] ( ) -- C:\Program Files (x86)\D-Link\D-Link DWA-556 Wireless N PCIe Desktop Adapter\wirelesscm.exe

========== Modules (No Company Name) ==========

MOD - [2014/02/11 22:22:43 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/29 18:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/06/13 22:44:16 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/29 18:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/05/19 18:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/22 23:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/29 21:16:16 | 000,211,232 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Rosewill\Common\RegistryWriter64.exe -- (RalinkRegistryWriter64)
SRV - [2009/04/29 21:15:40 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Rosewill\Common\RegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2008/04/16 16:53:02 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\D-Link\D-Link DWA-556 Wireless N PCIe Desktop Adapter\jswpsapi.exe -- (jswpsapi)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/06/15 08:03:20 | 000,000,000 | ---D | M] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ -- (MWAC)
DRV:64bit: - [2014/06/15 08:03:20 | 000,000,000 | ---D | M] [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ -- (MBAMProtector)
DRV:64bit: - [2014/06/14 13:01:33 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/05/29 18:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/03/31 11:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 08:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/06/05 10:42:06 | 000,073,984 | ---- | M] (Identive) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/12 16:35:26 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/30 17:34:41 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2011/12/24 16:46:40 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2011/04/09 22:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/08 06:00:06 | 000,312,624 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 20:19:56 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/02/08 00:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/08 00:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 12:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2010/01/07 04:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2009/11/13 18:45:02 | 001,085,952 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/30 20:14:12 | 000,644,608 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/04/28 17:59:26 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/02/18 09:20:21 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2008/02/18 09:20:21 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2008/01/21 10:20:50 | 000,129,024 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0728.sys -- (SaiK0728)
DRV - [2011/08/20 14:18:08 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/08/20 14:18:06 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/04/28 17:59:26 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\jswpslwfx.sys -- (JSWPSLWF)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Mark\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 30 9F B3 82 C2 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{18E68CD5-22D9-43AF-8EDB-427082DB46BE}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{22F4E445-2D18-4fd9-BAB2-82438F7AF788}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{C1E0B1D9-B52C-4d40-B836-E5D2F76C0B05}: "URL" = http://search.yahoo....icevm&type=ASRK
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mark\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mark\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/16 21:54:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/16 21:54:19 | 000,000,000 | ---D | M]

[2012/03/12 13:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\mozilla\Extensions
[2012/03/12 13:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Google Wallet = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014/06/12 13:27:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [CLink_McciTrayApp] C:\Program Files\CLink\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk = C:\Program Files (x86)\Impulse\Now\GameStopNow.exe (GameStop Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{399141E6-6C38-4798-A8B2-C12037DE2EFF}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6495BF5C-AEF4-472C-9CD5-E2892A57F6DD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B942070-AFDA-4673-AFEB-3309CF05C50A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2CBF039-BB73-439F-BF2F-47CAAB340A5B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF6E2946-6E73-4392-A960-C9ACB1366447}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/05/13 22:18:59 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/15 09:11:37 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/15 09:03:56 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/14 23:03:13 | 000,601,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/06/14 23:00:43 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/06/14 23:00:43 | 000,837,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/06/14 23:00:42 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/06/14 23:00:42 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/06/14 23:00:42 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/06/14 23:00:42 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/06/14 23:00:42 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/06/14 23:00:42 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/06/14 23:00:42 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/06/14 23:00:42 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/06/14 23:00:42 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/06/14 23:00:42 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/06/14 23:00:42 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/06/14 23:00:42 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/06/14 23:00:42 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/06/14 23:00:42 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014/06/14 23:00:42 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014/06/14 23:00:42 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/06/14 23:00:42 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/06/14 23:00:42 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/06/14 23:00:42 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/06/14 23:00:42 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/06/14 23:00:42 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/06/14 23:00:42 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/06/14 23:00:42 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/06/14 22:07:02 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/06/14 22:07:02 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/06/14 22:06:44 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/06/14 22:06:44 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/06/14 03:21:05 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/06/14 00:35:35 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/14 00:35:34 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/14 00:35:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/14 00:35:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/14 00:35:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/14 00:35:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/14 00:35:29 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/14 00:35:29 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/14 00:35:27 | 002,338,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/14 00:35:27 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/14 00:35:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/14 00:35:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/14 00:35:26 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/14 00:35:26 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/14 00:35:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/14 00:35:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/14 00:35:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/14 00:35:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/14 00:35:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/14 00:35:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/14 00:35:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/06/14 00:35:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/14 00:35:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/14 00:35:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/06/14 00:35:22 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/14 00:35:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/06/14 00:35:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/06/14 00:35:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/06/13 21:21:53 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/06/13 21:21:53 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/06/13 21:21:53 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/06/13 21:21:52 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/06/13 21:21:52 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/06/13 21:21:52 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/06/13 21:21:51 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/06/13 21:21:51 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/06/13 21:21:50 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/06/13 21:21:50 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/06/13 21:21:50 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/06/13 21:21:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/06/13 21:21:50 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/06/13 21:21:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/06/13 21:21:50 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/06/13 21:21:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/06/13 21:21:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/06/13 21:21:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/06/13 21:21:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/06/13 21:21:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/06/13 21:21:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/06/13 21:21:50 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/06/13 21:21:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/06/12 13:33:50 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/11 08:18:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/11 07:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/06/10 13:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/10 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Programs
[2014/05/29 15:40:53 | 000,000,000 | ---D | C] -- C:\Users\Mark\Desktop\DWA-556_drv_revALL_2-11b03_all_en_20120726

========== Files - Modified Within 30 Days ==========

[2014/06/15 09:13:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1127217058-2094234657-793764371-1000UA.job
[2014/06/15 09:12:44 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/15 09:12:44 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/15 09:11:33 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/15 09:11:33 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/15 09:11:33 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/15 09:06:14 | 000,001,163 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk
[2014/06/15 09:05:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/15 09:05:21 | 4226,207,742 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/15 08:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/14 13:13:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1127217058-2094234657-793764371-1000Core.job
[2014/06/14 13:01:33 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/13 22:44:16 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/13 22:44:16 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/12 13:27:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/06/08 04:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 04:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/29 18:07:51 | 001,291,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/05/29 18:07:51 | 001,122,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/05/29 18:07:38 | 001,715,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/05/29 18:07:38 | 001,279,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/05/28 13:37:06 | 002,338,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/05/28 13:30:24 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/05/28 13:30:06 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/05/28 13:29:28 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/05/28 13:29:19 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/05/28 13:29:11 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/05/28 13:29:09 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/05/28 13:28:38 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/05/28 13:28:34 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/05/28 13:28:30 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/05/28 13:28:20 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/28 13:28:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/05/28 13:27:30 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/05/28 11:32:25 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/05/28 11:31:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/05/28 11:30:53 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/05/28 11:30:44 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/05/28 11:29:49 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/05/28 11:29:44 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/28 11:28:35 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/05/19 21:44:03 | 031,387,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/05/19 21:44:03 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/05/19 21:44:03 | 024,025,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/05/19 21:44:03 | 018,531,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/05/19 21:44:03 | 017,561,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/05/19 21:44:03 | 017,480,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/05/19 21:44:03 | 016,003,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/05/19 21:44:03 | 014,434,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/05/19 21:44:03 | 011,644,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/05/19 21:44:03 | 011,599,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/05/19 21:44:03 | 009,735,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/05/19 21:44:03 | 009,697,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/05/19 21:44:03 | 003,141,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/05/19 21:44:03 | 003,109,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/05/19 21:44:03 | 002,953,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/05/19 21:44:03 | 002,785,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/05/19 21:44:03 | 002,730,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/05/19 21:44:03 | 002,412,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/05/19 21:44:03 | 001,889,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014/05/19 21:44:03 | 001,541,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014/05/19 21:44:03 | 000,952,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014/05/19 21:44:03 | 000,895,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/05/19 21:44:03 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/05/19 21:44:03 | 000,867,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/05/19 21:44:03 | 000,861,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/05/19 21:44:03 | 000,837,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/05/19 21:44:03 | 000,354,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/05/19 21:44:03 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/05/19 21:44:03 | 000,166,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/05/19 21:44:03 | 000,146,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/05/19 21:44:03 | 000,026,069 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/05/19 20:25:42 | 006,769,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/05/19 20:25:42 | 003,514,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/05/19 20:25:38 | 000,387,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/05/19 20:25:38 | 000,062,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/05/19 18:10:44 | 000,601,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe

========== Files Created - No Company Name ==========

[2012/09/15 23:26:06 | 000,004,096 | -H-- | C] () -- C:\Users\Mark\AppData\Local\keyfile3.drm
[2012/07/31 15:03:07 | 000,774,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/20 05:43:35 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

#29
zep516

Posted 15 June 2014 - 02:57 PM

Trusted Helper

Malware Removal
8,093 posts

Hello,

What Anti Virus program are you using ? You had left over AVG Stuff, I don't see an active Anti Virus running.

#30
Noctis4

Posted 15 June 2014 - 03:18 PM

Member

Topic Starter
Member
27 posts

Once I stopped using AVG, I didn't get another one. I know, shame on me but I don't download much of anything and I open emails and stuff on my phone and tablet....

What do you recommend I do about that?