Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trovi search engine removed, now my browsers are slow and I can't

Trovi malware removal

  • This topic is locked This topic is locked

#1
pkcesar

pkcesar

    New Member

  • Member
  • Pip
  • 1 posts

I recently got trovi search engine from downloading something, and I didn't think it was a big deal until my browser was being sluggish so I tried to remove it with the chrome settings and it kept coming back. Then I went in to my uninstall programs and I found a program called search protect that came with the trovi search and I uninstalled that. Then the next day my youtube videos would buffer and they usually never do for me. So I tried to visit other websites and they were being sluggish as well. So I tried to uninstalled and any recent programs that I thought could be a problem, that did not work so I uninstalled google chrome, Mozilla, adobe flash and Microsoft Silverlight to try and reinstall them to see if that would fix it, but I could not download them. That left me with internet explorer. The sluggishness of websites got a little worse. Only certain websites worked with internet explorer, I was able to reinstall Silverlight but not adobe flash, I tried to reinstall Mozilla and chrome but that didn't work either. So I googled how to remove the trovi search engine and it said to reset my browsers and use adwcleaner, malwarebytes and hitman pro to remove any malware (I had to download them on my phone and transfer them to my pc). I also used ccleaner to remove anything else. Now i'm defragmenting my hard drive to see if that helps. I can use internet explorer to visit some sites, I just cant load some pictures or they take a while to load. What steps should I take fix this? I don't want to have to wipe it because it is my gaming computer.

P.S. Its not my internet speed that's slow speedtest says its 6 down 3 up.

P.P.S Usually when a download fails it works for a little, stops, then says something like "connection failed, unable to complete installation"

 

OTL logfile created on: 7/11/2014 10:29:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cesar\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.95 Gb Total Physical Memory | 5.18 Gb Available Physical Memory | 65.15% Memory free
15.89 Gb Paging File | 12.43 Gb Available in Paging File | 78.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 56.56 Gb Free Space | 6.07% Space Free | Partition Type: NTFS
 
Computer Name: CESAR-PC | User Name: Cesar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/11 22:25:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cesar\Desktop\OTL.exe
PRC - [2014/07/11 21:50:45 | 000,690,688 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\is-QEFII.tmp\spybotsd162.tmp
PRC - [2014/07/11 19:09:26 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Users\Cesar\Desktop\spybotsd162.exe
PRC - [2014/07/10 14:20:58 | 001,753,280 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/06/27 14:20:02 | 024,477,056 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/06/20 12:15:14 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/16 16:04:42 | 000,284,008 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
PRC - [2014/02/19 18:40:02 | 000,239,680 | ---- | M] (Foxit Corporation) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014/02/04 21:31:22 | 000,126,995 | ---- | M] (VideoLAN) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2013/11/06 11:55:46 | 000,845,168 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/11/06 11:55:40 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/10/30 20:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013/10/04 21:16:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/09/03 14:02:02 | 001,763,840 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
PRC - [2013/08/30 19:38:34 | 002,075,136 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe
PRC - [2013/07/10 08:45:36 | 001,799,120 | ---- | M] (Piotr Pawlowski) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2013/03/28 22:08:42 | 000,565,248 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe
PRC - [2013/03/28 22:08:14 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2013/01/23 02:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
PRC - [2013/01/23 02:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012/09/13 00:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2012/08/20 13:43:20 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/08/01 16:39:04 | 001,112,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/07/23 20:20:10 | 001,190,400 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/05/22 09:37:28 | 001,780,736 | ---- | M] (Corsair Components  Inc) -- C:\Program Files (x86)\corsair\K90 Keyboard\K90Hid.exe
PRC - [2012/05/21 00:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/18 16:15:30 | 000,324,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/16 19:32:26 | 000,251,392 | ---- | M] (Corsair Components  Inc) -- C:\Program Files (x86)\corsair\K90 Keyboard\CorsTra.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/11 21:50:45 | 000,690,688 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\is-QEFII.tmp\spybotsd162.tmp
MOD - [2014/07/11 18:32:32 | 001,160,704 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_ssl.pyd
MOD - [2014/07/11 18:32:32 | 001,062,400 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._controls_.pyd
MOD - [2014/07/11 18:32:32 | 000,811,008 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._windows_.pyd
MOD - [2014/07/11 18:32:32 | 000,805,888 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._gdi_.pyd
MOD - [2014/07/11 18:32:32 | 000,713,216 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_hashlib.pyd
MOD - [2014/07/11 18:32:32 | 000,686,080 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\unicodedata.pyd
MOD - [2014/07/11 18:32:32 | 000,525,640 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\windows._lib_cacheinvalidation.pyd
MOD - [2014/07/11 18:32:32 | 000,167,936 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32gui.pyd
MOD - [2014/07/11 18:32:32 | 000,128,512 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_elementtree.pyd
MOD - [2014/07/11 18:32:32 | 000,127,488 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\pyexpat.pyd
MOD - [2014/07/11 18:32:32 | 000,119,808 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32file.pyd
MOD - [2014/07/11 18:32:32 | 000,110,080 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\PyWinTypes27.dll
MOD - [2014/07/11 18:32:32 | 000,108,544 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32security.pyd
MOD - [2014/07/11 18:32:32 | 000,087,552 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_ctypes.pyd
MOD - [2014/07/11 18:32:32 | 000,070,656 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._html2.pyd
MOD - [2014/07/11 18:32:32 | 000,038,912 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32inet.pyd
MOD - [2014/07/11 18:32:32 | 000,027,136 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_multiprocessing.pyd
MOD - [2014/07/11 18:32:32 | 000,025,600 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32pdh.pyd
MOD - [2014/07/11 18:32:32 | 000,024,064 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32pipe.pyd
MOD - [2014/07/11 18:32:32 | 000,018,432 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32event.pyd
MOD - [2014/07/11 18:32:32 | 000,017,408 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32profile.pyd
MOD - [2014/07/11 18:32:32 | 000,010,240 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\select.pyd
MOD - [2014/07/11 18:32:32 | 000,007,168 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\hashobjs_ext.pyd
MOD - [2014/07/11 18:32:31 | 001,175,040 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._core_.pyd
MOD - [2014/07/11 18:32:31 | 000,735,232 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._misc_.pyd
MOD - [2014/07/11 18:32:31 | 000,557,056 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\pysqlite2._sqlite.pyd
MOD - [2014/07/11 18:32:31 | 000,364,544 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\pythoncom27.dll
MOD - [2014/07/11 18:32:31 | 000,320,512 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32com.shell.shell.pyd
MOD - [2014/07/11 18:32:31 | 000,122,368 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._wizard.pyd
MOD - [2014/07/11 18:32:31 | 000,098,816 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32api.pyd
MOD - [2014/07/11 18:32:31 | 000,078,336 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\wx._animate.pyd
MOD - [2014/07/11 18:32:31 | 000,045,568 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\_socket.pyd
MOD - [2014/07/11 18:32:31 | 000,035,840 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32process.pyd
MOD - [2014/07/11 18:32:31 | 000,022,528 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32ts.pyd
MOD - [2014/07/11 18:32:31 | 000,011,264 | ---- | M] () -- C:\Users\Cesar\AppData\Local\Temp\_MEI29362\win32crypt.pyd
MOD - [2014/07/10 14:21:32 | 002,139,328 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014/07/10 14:21:04 | 001,116,864 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/06/26 18:40:28 | 000,764,416 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/05/30 21:27:20 | 001,116,672 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014/05/30 21:27:20 | 000,438,784 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/05/30 21:27:20 | 000,399,360 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014/05/30 21:27:20 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014/02/04 21:32:36 | 002,396,179 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2014/02/04 21:32:28 | 011,148,307 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
MOD - [2014/02/04 21:32:24 | 000,031,251 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2014/02/04 21:32:24 | 000,027,667 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
MOD - [2014/02/04 21:32:24 | 000,017,939 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2014/02/04 21:32:22 | 000,336,403 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2014/02/04 21:32:22 | 000,291,859 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
MOD - [2014/02/04 21:32:22 | 000,019,475 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
MOD - [2014/02/04 21:32:22 | 000,018,451 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
MOD - [2014/02/04 21:32:20 | 001,371,667 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2014/02/04 21:32:18 | 000,027,155 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
MOD - [2014/02/04 21:32:18 | 000,018,963 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2014/02/04 21:32:18 | 000,015,891 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2014/02/04 21:32:16 | 001,280,019 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2014/02/04 21:32:16 | 000,733,203 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2014/02/04 21:32:16 | 000,171,027 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
MOD - [2014/02/04 21:32:16 | 000,022,035 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2014/02/04 21:32:16 | 000,019,987 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2014/02/04 21:32:14 | 010,396,179 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
MOD - [2014/02/04 21:32:14 | 000,344,595 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2014/02/04 21:32:14 | 000,198,675 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
MOD - [2014/02/04 21:32:06 | 000,146,451 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2014/02/04 21:32:06 | 000,054,291 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2014/02/04 21:32:06 | 000,038,419 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
MOD - [2014/02/04 21:32:06 | 000,026,131 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2014/02/04 21:32:04 | 000,013,843 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
MOD - [2014/02/04 21:32:04 | 000,013,843 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
MOD - [2014/02/04 21:32:02 | 000,555,027 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
MOD - [2014/02/04 21:32:00 | 000,015,379 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
MOD - [2014/02/04 21:31:58 | 000,296,979 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MOD - [2014/02/04 21:31:54 | 001,512,467 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2014/02/04 21:31:54 | 001,496,083 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2014/02/04 21:31:54 | 000,018,963 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2014/02/04 21:31:48 | 000,383,507 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
MOD - [2014/02/04 21:31:48 | 000,118,803 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
MOD - [2014/02/04 21:31:48 | 000,017,427 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
MOD - [2014/02/04 21:31:48 | 000,014,867 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
MOD - [2014/02/04 21:31:46 | 001,248,787 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
MOD - [2014/02/04 21:31:46 | 000,021,011 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
MOD - [2014/02/04 21:31:44 | 000,053,779 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
MOD - [2014/02/04 21:31:44 | 000,019,987 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
MOD - [2014/02/04 21:31:44 | 000,019,987 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
MOD - [2014/02/04 21:31:42 | 000,724,499 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,113,683 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,067,091 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,066,579 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,032,275 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,027,667 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,026,643 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,020,499 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,018,963 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,017,427 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,016,915 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,015,379 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
MOD - [2014/02/04 21:31:40 | 000,015,379 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
MOD - [2014/02/04 21:31:38 | 000,268,307 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
MOD - [2014/02/04 21:31:38 | 000,240,659 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
MOD - [2014/02/04 21:31:38 | 000,076,307 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
MOD - [2014/02/04 21:31:36 | 002,021,395 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
MOD - [2014/02/04 21:31:36 | 000,114,195 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
MOD - [2014/02/04 21:31:36 | 000,045,587 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
MOD - [2014/02/04 21:31:34 | 000,100,371 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
MOD - [2014/02/04 21:31:34 | 000,077,331 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
MOD - [2014/02/04 21:31:34 | 000,074,259 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
MOD - [2014/02/04 21:31:34 | 000,040,467 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2014/02/04 21:31:30 | 000,133,139 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
MOD - [2014/02/04 21:31:30 | 000,091,667 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
MOD - [2014/02/04 21:31:30 | 000,025,619 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
MOD - [2014/02/04 21:31:30 | 000,021,523 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
MOD - [2014/02/04 21:31:30 | 000,016,403 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
MOD - [2014/02/04 21:31:28 | 001,194,003 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
MOD - [2014/02/04 21:31:28 | 000,929,299 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
MOD - [2014/02/04 21:31:28 | 000,189,971 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
MOD - [2014/02/04 21:31:28 | 000,144,403 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
MOD - [2014/02/04 21:31:28 | 000,067,603 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
MOD - [2014/02/04 21:31:28 | 000,023,059 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
MOD - [2014/02/04 21:31:26 | 000,708,627 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
MOD - [2014/02/04 21:31:26 | 000,014,867 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
MOD - [2014/02/04 21:31:24 | 000,531,475 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
MOD - [2014/02/04 21:31:24 | 000,060,947 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
MOD - [2014/02/04 21:31:22 | 000,113,171 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2013/09/03 14:01:36 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Last.fm\listener.dll
MOD - [2013/09/03 14:01:32 | 000,736,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\unicorn.dll
MOD - [2013/09/03 14:01:14 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Last.fm\logger.dll
MOD - [2013/09/03 10:54:56 | 000,351,232 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm.dll
MOD - [2013/07/22 00:33:28 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013/07/22 00:33:28 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013/07/10 08:45:38 | 001,598,944 | ---- | M] () -- C:\Program Files (x86)\foobar2000\avcodec-fb2k-54.dll
MOD - [2013/07/10 08:45:38 | 001,492,456 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2013/07/10 08:45:38 | 000,198,112 | ---- | M] () -- C:\Program Files (x86)\foobar2000\avutil-fb2k-52.dll
MOD - [2013/07/10 08:45:38 | 000,156,112 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2013/07/10 08:45:36 | 000,942,056 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2013/07/10 08:25:50 | 000,199,680 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2013/07/10 08:25:36 | 000,291,328 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2013/07/10 08:25:32 | 000,500,736 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/05/04 07:57:08 | 000,095,712 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2013/03/07 05:48:32 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2013/02/11 07:28:58 | 000,358,912 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2013/02/11 07:28:58 | 000,198,656 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
MOD - [2013/02/11 07:28:10 | 000,281,600 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
MOD - [2013/02/11 07:28:10 | 000,173,056 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
MOD - [2013/02/11 07:27:56 | 000,298,496 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/23 02:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
MOD - [2013/01/23 02:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/18 12:49:56 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
MOD - [2013/01/18 12:39:50 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\phonon.dll
MOD - [2013/01/16 12:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/16 12:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/16 12:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/16 12:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/16 12:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/12/13 01:13:36 | 002,286,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlccore.dll
MOD - [2012/12/13 01:13:32 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012/12/13 01:12:58 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlc.dll
MOD - [2012/11/30 06:48:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
MOD - [2012/11/30 06:45:56 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2012/11/30 06:26:54 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
MOD - [2012/11/30 06:24:00 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
MOD - [2012/09/13 00:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012/09/13 00:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012/09/13 00:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012/09/13 00:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012/09/13 00:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012/07/25 09:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/07/20 09:39:40 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/07/05 12:05:48 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/06/15 17:59:28 | 000,802,816 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_uie_lyrics3.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/05/17 18:57:10 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2012/05/14 12:39:24 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\corsair\K90 Keyboard\hidGetKey.dll
MOD - [2012/04/30 03:55:48 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2012/04/30 03:55:45 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012/04/30 03:55:45 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012/04/30 03:55:45 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012/04/30 03:55:45 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/08/18 20:06:16 | 001,767,936 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_facets.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/06/28 13:25:35 | 001,864,704 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dop.dll
MOD - [2011/04/30 15:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2011/04/30 15:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
MOD - [2011/02/27 16:22:58 | 001,608,192 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_columns.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
MOD - [2009/12/10 00:16:12 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_uie_panel_splitter.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
MOD - [2007/05/18 13:31:10 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_uie_quicksearch.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/11 05:09:01 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/04/09 09:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/08/30 18:57:54 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/07/18 20:33:12 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/07/18 20:33:12 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/06/05 17:40:38 | 000,190,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/01/23 22:30:22 | 000,233,328 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
SRV:64bit: - [2011/12/12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/18 11:18:20 | 005,179,760 | ---- | M] (Binary Fortress Software) [Auto | Running] -- C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)
SRV - [2014/02/19 18:40:02 | 000,239,680 | ---- | M] (Foxit Corporation) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/04 21:16:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/21 04:12:19 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/06/05 15:29:08 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/01 17:42:18 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 17:42:18 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/05/18 16:15:30 | 000,324,608 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/11 16:59:49 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/07/03 13:18:10 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/03/26 19:00:14 | 000,141,600 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/08/30 20:11:28 | 012,528,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/08/30 18:32:32 | 000,618,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/08/21 00:31:40 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/08/19 16:14:06 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013/07/05 04:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/01/31 05:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013/01/17 15:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/10 23:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/09/21 15:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/09/21 15:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/05/31 11:06:14 | 000,032,400 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/05/21 00:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 00:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 00:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/17 18:57:04 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012/03/27 10:58:36 | 000,025,600 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CORSGKB.sys -- (CORSGKB)
DRV:64bit: - [2012/03/15 20:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/23 02:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D3 85 7C 5F 58 9D CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Cesar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Cesar\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Cesar\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Cesar\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Cesar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 06:36:14 | 000,010,691 | ---- | M] ()
 
[2013/09/13 23:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cesar\AppData\Roaming\Mozilla\Extensions
[2014/07/11 15:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cesar\AppData\Roaming\Mozilla\Firefox\Profiles\f9a6wpzj.default-1405107015466\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: iTunes Application Detector (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.4_0\
CHR - Extension: Google Wallet = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Page Monitor = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd\3.3.4_0\
CHR - Extension: Gmail = C:\Users\Cesar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/07/21 22:13:21 | 000,001,016 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 ood.opsource.net ereg.wip4.adobe.com ereg.wip.adobe.com activate-sjc0.adobe.com practivate.adobe.ipp activate.wip4.adobe.com 3dns-1.adobe.com activate.wip1.adobe.com 3dns.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.ntp activate.wip.adobe.com wip1.adobe.com 3dns-4.adobe.com activate.wip2.adobe.com practivate.adobe 3dns-2.adobe.com www.wip4.adobe.com 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 crl.verisign.net adobe-dns-4.adobe.com adobe-dns-1.adobe.com adobe-dns.adobe.com ereg.adobe.com wip4.adobe.com lm.licenses.adobe.com wip3.adobe.com na2m-pr.licenses.adobe.com
O1 - Hosts: 127.0.0.1 www.wip1.adobe.com adobeereg.com lmlicenses.wip4.adobe.com www.wip2.adobe.com ereg.wip2.adobe.com www.wip.adobe.com wip2.adobe.com practivate.adobe.newoa wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 wip.adobe.com adobe-dns-3.adobe.com www.adobeereg.com practivate.adobe.com activate-sea.adobe.com activate.wip3.adobe.com activate.adobe.com adobe-dns-2.adobe.com www.wip3.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com ereg.wip3.adobe.com ereg.wip1.adobe.com
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Corsair laver] C:\Program Files (x86)\corsair\K90 Keyboard\K90Hid.exe (Corsair Components  Inc)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2540 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2540 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000004] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000004" /M "WF-2540 Series" File not found
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [HydraVisionMDEngine] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe (AMD)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp.lnk =  File not found
O4 - Startup: C:\Users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk = C:\Program Files (x86)\Deluge\deluge.exe ()
O4 - Startup: C:\Users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSI Afterburner.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
O4 - Startup: C:\Users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TweetDeck.lnk = C:\Users\Cesar\AppData\Roaming\Microsoft\Installer\{FA6381E9-96D2-4F6F-866C-4D16E5986FF6}\TweetDeck.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CF155FE-B9DE-4B92-BB62-DD53E9068CD2}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{59ff9404-b28b-11e2-be9c-50465da3323c}\Shell - "" = AutoRun
O33 - MountPoints2\{59ff9404-b28b-11e2-be9c-50465da3323c}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{815f809d-a31b-11e2-bc1c-50465da3323c}\Shell - "" = AutoRun
O33 - MountPoints2\{815f809d-a31b-11e2-bc1c-50465da3323c}\Shell\AutoRun\command - "" = E:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/11 22:26:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cesar\Desktop\OTL.exe
[2014/07/11 19:31:57 | 000,000,000 | ---D | C] -- C:\Users\Cesar\AppData\Local\MFAData
[2014/07/11 19:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/07/11 19:31:57 | 000,000,000 | ---D | C] -- C:\Users\Cesar\AppData\Local\Avg2014
[2014/07/11 19:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/07/11 19:20:39 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Users\Cesar\Desktop\spybotsd162.exe
[2014/07/11 19:20:18 | 004,755,200 | ---- | C] (AVG Technologies) -- C:\Users\Cesar\Desktop\avg_avct_stb_all_2014_4716.exe
[2014/07/11 16:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/07/11 16:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/07/11 14:38:30 | 000,000,000 | ---D | C] -- C:\test
[2014/07/11 14:27:06 | 000,000,000 | ---D | C] -- C:\Users\Cesar\Desktop\Old Firefox Data
[2014/07/11 05:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/07/11 05:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/07/11 04:33:01 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/11 04:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/11 04:32:51 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/11 04:32:51 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/11 04:32:51 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/11 04:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/11 04:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/11 04:24:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/11 04:23:59 | 017,292,760 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Cesar\Desktop\mbam-setup-2.0.2.1012.exe
[2014/07/11 04:23:55 | 011,185,664 | ---- | C] (SurfRight B.V.) -- C:\Users\Cesar\Desktop\HitmanPro_x64.exe
[2014/07/03 13:23:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
[2014/07/03 13:20:54 | 000,000,000 | ---D | C] -- C:\Users\Cesar\AppData\Roaming\OptimumPcBoost
[2014/07/03 13:18:05 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/07/03 13:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/07/01 21:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/07/01 21:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/06/30 23:17:39 | 000,000,000 | ---D | C] -- C:\Users\Cesar\AppData\Roaming\Awesomium
[2014/06/30 23:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2014/06/30 23:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios
[2014/06/23 13:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/22 14:36:28 | 000,000,000 | ---D | C] -- C:\Users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unofficial Tiara
[2014/06/22 14:32:54 | 000,000,000 | ---D | C] -- C:\Nexon
[2014/06/21 14:02:58 | 000,000,000 | ---D | C] -- C:\Users\Cesar\Documents\faggot2_data
[2014/06/21 13:57:57 | 000,000,000 | ---D | C] -- C:\Users\Cesar\Documents\fagoot_data
[2014/06/19 22:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2014/06/19 22:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2014/06/19 22:47:20 | 000,000,000 | ---D | C] -- C:\Users\Cesar\Documents\Mabinogi
[2013/04/11 21:34:15 | 002,652,904 | ---- | C] (CPUID) -- C:\Program Files (x86)\cpuz_x64.exe
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/11 22:25:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cesar\Desktop\OTL.exe
[2014/07/11 22:20:13 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/11 22:00:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3092705805-1741480473-2787521355-1000UA.job
[2014/07/11 20:17:17 | 000,001,182 | ---- | M] () -- C:\Users\Cesar\Desktop\ Mabinogi .lnk
[2014/07/11 19:19:02 | 004,755,200 | ---- | M] (AVG Technologies) -- C:\Users\Cesar\Desktop\avg_avct_stb_all_2014_4716.exe
[2014/07/11 19:10:42 | 001,707,144 | ---- | M] () -- C:\Users\Cesar\Desktop\Adaware_Installer.exe
[2014/07/11 19:09:26 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Users\Cesar\Desktop\spybotsd162.exe
[2014/07/11 18:59:00 | 000,337,160 | ---- | M] () -- C:\Users\Cesar\Documents\cc_20140711_185840.reg
[2014/07/11 18:40:12 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
[2014/07/11 18:37:46 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/11 18:37:46 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/11 18:37:46 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/11 18:35:05 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2014/07/11 18:34:16 | 000,000,218 | ---- | M] () -- C:\Users\Cesar\AppData\Local\recently-used.xbel
[2014/07/11 18:32:30 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/11 18:31:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/11 18:31:32 | 4236,849,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/11 16:59:49 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/11 15:00:07 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3092705805-1741480473-2787521355-1000Core.job
[2014/07/11 05:17:12 | 000,000,878 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/07/11 05:09:01 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/07/11 04:45:10 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/11 04:45:10 | 000,021,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/11 04:32:56 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 04:29:47 | 004,925,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/11 04:22:34 | 011,185,664 | ---- | M] (SurfRight B.V.) -- C:\Users\Cesar\Desktop\HitmanPro_x64.exe
[2014/07/11 04:21:48 | 017,292,760 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Cesar\Desktop\mbam-setup-2.0.2.1012.exe
[2014/07/11 04:19:18 | 001,348,263 | ---- | M] () -- C:\Users\Cesar\Desktop\AdwCleaner.exe
[2014/07/08 22:38:14 | 000,003,039 | ---- | M] () -- C:\Windows\MB.idx
[2014/07/04 15:32:56 | 000,002,393 | ---- | M] () -- C:\Users\Cesar\Desktop\Mabinogi.exe.lnk
[2014/07/04 02:19:57 | 000,678,492 | ---- | M] () -- C:\Users\Cesar\Documents\Fathers day.mp3
[2014/07/03 13:45:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/07/03 13:18:10 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/07/01 21:10:03 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/06/26 22:54:01 | 001,593,859 | ---- | M] () -- C:\Users\Cesar\Documents\IMG_26062014_225301.png
[2014/06/22 20:55:49 | 000,001,715 | ---- | M] () -- C:\Users\Cesar\Desktop\AutoBot.lnk
[2014/06/21 14:05:48 | 000,032,663 | ---- | M] () -- C:\Users\Cesar\Documents\faggot2.mp3
[2014/06/21 14:03:03 | 000,001,484 | ---- | M] () -- C:\Users\Cesar\Documents\faggot2.aup
[2014/06/21 13:57:57 | 000,001,362 | ---- | M] () -- C:\Users\Cesar\Documents\fagoot.aup
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/11 20:17:17 | 000,001,182 | ---- | C] () -- C:\Users\Cesar\Desktop\ Mabinogi .lnk
[2014/07/11 19:20:22 | 001,707,144 | ---- | C] () -- C:\Users\Cesar\Desktop\Adaware_Installer.exe
[2014/07/11 18:58:44 | 000,337,160 | ---- | C] () -- C:\Users\Cesar\Documents\cc_20140711_185840.reg
[2014/07/11 18:34:16 | 000,000,218 | ---- | C] () -- C:\Users\Cesar\AppData\Local\recently-used.xbel
[2014/07/11 05:17:12 | 000,000,878 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/07/11 05:09:01 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/07/11 04:32:56 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 04:24:31 | 000,481,280 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/11 04:23:51 | 001,348,263 | ---- | C] () -- C:\Users\Cesar\Desktop\AdwCleaner.exe
[2014/07/03 13:45:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/06/26 22:53:19 | 001,593,859 | ---- | C] () -- C:\Users\Cesar\Documents\IMG_26062014_225301.png
[2014/06/22 20:56:52 | 000,002,393 | ---- | C] () -- C:\Users\Cesar\Desktop\Mabinogi.exe.lnk
[2014/06/22 14:57:12 | 000,001,715 | ---- | C] () -- C:\Users\Cesar\Desktop\AutoBot.lnk
[2014/06/21 14:05:41 | 000,032,663 | ---- | C] () -- C:\Users\Cesar\Documents\faggot2.mp3
[2014/06/21 14:02:58 | 000,001,484 | ---- | C] () -- C:\Users\Cesar\Documents\faggot2.aup
[2014/06/21 13:57:57 | 000,001,362 | ---- | C] () -- C:\Users\Cesar\Documents\fagoot.aup
[2014/06/21 13:49:55 | 000,678,492 | ---- | C] () -- C:\Users\Cesar\Documents\Fathers day.mp3
[2013/11/08 18:27:00 | 001,192,831 | ---- | C] () -- C:\Windows\unins000.exe
[2013/10/30 13:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/10/30 13:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013/10/30 13:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013/10/30 13:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013/10/30 13:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013/08/30 19:53:48 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/08/11 13:43:10 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013/08/11 13:33:33 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2013/08/11 13:30:52 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/08/11 13:30:51 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/08/11 13:30:51 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/08/03 22:37:26 | 000,000,132 | ---- | C] () -- C:\Users\Cesar\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/07/20 22:59:39 | 000,034,816 | ---- | C] () -- C:\Users\Cesar\AppData\Roaming\RZR_0010fcf24154a551cba53296d95a.db
[2013/06/04 18:51:06 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/06/04 18:51:06 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/05/22 00:21:26 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/05/10 17:37:15 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2540.ini
[2013/04/30 16:02:31 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/04/30 16:02:27 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/04/11 22:26:08 | 031,336,960 | ---- | C] () -- C:\Program Files (x86)\prime95.exe
[2013/04/05 04:18:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/04/05 03:59:59 | 001,174,993 | ---- | C] () -- C:\Windows\unins001.exe
[2013/04/05 03:59:59 | 000,037,947 | ---- | C] () -- C:\Windows\unins001.dat
[2013/04/05 03:58:42 | 000,030,665 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/05 02:05:32 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/04 11:44:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/12/19 15:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/12/19 15:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/09/28 15:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/09/21 15:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/09/21 15:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/09/21 15:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/02/08 01:43:35 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\.minecraft
[2014/06/30 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Audacity
[2014/06/30 23:17:39 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Awesomium
[2013/05/08 05:24:33 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\BitTorrent
[2013/05/08 03:06:58 | 000,000,000 | -HSD | M] -- C:\Users\Cesar\AppData\Roaming\Common
[2013/04/05 03:59:59 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Corsair Vengeance
[2014/07/11 18:57:02 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\DAEMON Tools Lite
[2014/07/03 19:53:23 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\deluge
[2013/04/14 21:43:46 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\DiskSpaceFan
[2014/07/06 02:50:42 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\DisplayFusion
[2013/05/21 22:22:48 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Epson
[2013/07/22 21:19:57 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\FEZ
[2014/07/11 20:58:05 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\foobar2000
[2013/10/01 21:02:24 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Foxit Software
[2013/12/23 00:24:48 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Gyazo
[2013/04/20 22:43:23 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Leadertech
[2013/05/25 18:56:56 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\LolClient
[2013/08/21 23:27:37 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\ManyCam
[2013/07/07 20:15:54 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\MediaMonkey
[2013/08/14 16:07:26 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Notepad++
[2014/01/03 02:46:44 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\OBS
[2014/07/03 13:22:17 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\OptimumPcBoost
[2013/06/09 12:30:50 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Origin
[2013/11/29 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\PDAppFlex
[2013/04/24 20:09:52 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Publish Providers
[2014/01/01 03:24:56 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Riot Games
[2013/11/23 22:30:18 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Samsung
[2013/07/16 15:10:05 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Sony
[2013/04/05 17:29:51 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\SplitMediaLabs
[2013/08/19 16:20:07 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\TrueCrypt
[2014/01/21 21:40:02 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\Unity
[2013/08/05 13:04:49 | 000,000,000 | ---D | M] -- C:\Users\Cesar\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >


Edited by pkcesar, 11 July 2014 - 10:45 PM.

  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts

:welcome:
 
Please download ComboFix from Here to your Desktop.
 
**Note:  In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

 

-----------------------------------------------------------

  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.


    -----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------

  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" .
     
  • **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

  • 0

#3
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: Trovi, malware, removal

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP