the module "C"\ProgramData\Isuvtitdav.dat" faile


  • This topic is locked

#1
vartan93

    New Member

  • Member
  • Pip
  • 4 posts

Recently I have been getting an error popup every time I start up my computer.  It hasn't affected my PC's performance at all, but the message does concern me.  I think this happened when I was trying to install a pirated game for a game that I lost the CD to a while ago.  Every time I start up my computer it gives me this error popup:

 

the module "C"\ProgramData\Isuvtitdav.dat" failed to load.

Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .dll files

Invalid access to memory location

 

 

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Here is the otl.txt file:

 

 

OTL logfile created on: 7/18/2014 11:44:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vart\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.99 Gb Total Physical Memory | 4.43 Gb Available Physical Memory | 73.96% Memory free
11.98 Gb Paging File | 10.31 Gb Available in Paging File | 86.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 296.89 Gb Free Space | 63.76% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 140.83 Gb Free Space | 30.24% Space Free | Partition Type: NTFS
 
Computer Name: VART-PC | User Name: Vart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/18 11:43:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
PRC - [2014/06/15 10:36:34 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/06/10 13:35:01 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/17 03:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/10 13:35:01 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/30 20:57:14 | 000,087,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2014/02/15 00:35:02 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/09/12 00:14:40 | 000,390,672 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2010/02/02 16:03:05 | 000,015,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/15 10:36:34 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/06/10 13:35:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/29 10:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/02/20 00:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2014/01/07 17:49:01 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 03:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/22 04:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/19 19:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/23 07:11:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/05/12 13:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/12/07 20:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 20:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 49320178
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/01/07 16:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Extensions
[2014/07/16 22:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions
[2014/01/07 16:55:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/07/10 14:07:35 | 000,976,990 | ---- | M] () (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
[2014/06/05 00:38:40 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/10 13:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/10 13:35:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [HP Photosmart 7520 series (NET)] C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [IsuvtItdav] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A712C3-F9B8-4C97-9106-92EF7A28FD7A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\install\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/18 11:43:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
[2014/07/17 22:02:21 | 000,000,000 | ---D | C] -- C:\Users\Vart\Desktop\Project1
[2014/07/17 13:43:01 | 000,000,000 | ---D | C] -- C:\Users\Vart\Desktop\Lab 6
[2014/07/16 01:38:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-SHOC
[2014/07/16 01:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\IsuvtItdav
[2014/07/15 21:06:14 | 000,000,000 | ---D | C] -- C:\Users\Vart\Desktop\downloads
[2014/07/03 11:29:54 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\Guild Wars 2
[2014/07/01 20:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2014/07/01 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2014/07/01 20:54:50 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\Guild Wars 2
[2014/06/28 15:27:53 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\PAYDAY 2 - Before Character Wipe
[2014/06/25 11:42:24 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\Valdis_Story_AC
[2014/06/25 10:26:13 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\BetterDS3
[2014/06/25 10:26:05 | 001,661,440 | ---- | C] (Slackerhome Productions) -- C:\Users\Vart\Desktop\Better DS3.exe
[2014/06/24 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\survarium
[2014/06/24 14:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014/06/23 17:17:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\NuGet
[2014/06/23 17:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2014/06/23 17:12:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0
[2014/06/23 17:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Silverlight Kits
[2014/06/23 17:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
[2014/06/23 17:08:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\Visual Studio 2013
[2014/06/23 17:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XDE
[2014/06/23 17:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/06/23 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/06/23 17:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
[2014/06/23 17:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Workflow Manager Tools
[2014/06/23 17:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Open XML SDK
[2014/06/23 17:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Identity Extensions
[2014/06/23 17:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Identity Foundation
[2014/06/23 17:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Identity Foundation
[2014/06/23 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\SharePoint Client Components
[2014/06/23 17:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014/06/23 17:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/06/23 17:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/06/23 17:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2014/06/23 17:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2014/06/23 16:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2014/06/23 16:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2014/06/23 16:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2014/06/23 16:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2014/06/23 16:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/06/23 16:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Web Tools
[2014/06/23 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express
[2014/06/23 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS Express
[2014/06/23 16:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NuGet
[2014/06/23 16:53:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2014/06/23 16:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WCF Data Services
[2014/06/23 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2014/06/23 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2014/06/23 16:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2014/06/23 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Kits
[2014/06/23 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2014/06/23 16:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2014/06/23 16:48:12 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2014/06/23 16:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2014/06/23 16:47:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2014/06/23 16:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/06/23 16:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
[2014/06/23 16:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2014/06/23 16:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 12.0
[2014/06/23 16:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2014/06/23 16:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 12.0
[2014/06/23 16:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2014/06/23 16:37:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/06/23 16:37:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/23 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\e-academy Inc
[2014/06/23 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\e-academy Inc
[2009/11/19 22:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll
[2009/11/19 22:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\adlmint.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/18 11:43:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
[2014/07/18 11:36:58 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/18 11:36:58 | 000,661,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/18 11:36:58 | 000,121,524 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/18 11:30:39 | 000,026,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/18 11:30:39 | 000,026,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/18 11:23:36 | 000,001,942 | ---- | M] () -- C:\Users\Vart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
[2014/07/18 11:23:30 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/18 11:23:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/18 11:23:15 | 529,883,135 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/18 01:13:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/17 20:30:45 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/07/17 20:30:45 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/13 22:29:03 | 653,766,549 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/13 14:13:11 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/06/24 08:21:06 | 005,015,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/23 16:39:33 | 000,773,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2014/06/13 16:36:31 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/06/13 16:36:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/01/24 11:43:37 | 000,004,535 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamStudio.cfg
[2014/01/24 11:43:37 | 000,000,408 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamShapes.ini
[2014/01/24 11:43:37 | 000,000,408 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamLayout.ini
[2014/01/24 11:43:37 | 000,000,052 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\Camdata.ini
[2014/01/24 11:40:52 | 000,000,096 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\version2.xml
[2014/01/17 13:08:15 | 000,000,000 | -HS- | C] () -- C:\Users\Vart\AppData\Local\LumaEmu
[2014/01/08 15:31:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/01/08 10:18:31 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\tmb1-v32.dll
[2014/01/07 18:03:13 | 000,773,536 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/04 23:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013/08/04 23:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 20:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 20:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/08 13:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\.minecraft
[2014/06/25 00:04:40 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Audacity
[2014/02/15 00:35:31 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Autodesk
[2014/01/24 11:44:39 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\BANDISOFT
[2014/02/08 21:57:18 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Battle.net
[2014/05/10 12:53:28 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\DMCache
[2014/06/23 16:31:17 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\e-academy Inc
[2014/07/01 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Guild Wars 2
[2014/07/14 02:10:11 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\HandBrake
[2014/02/22 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\MotioninJoy
[2014/05/26 11:30:22 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\NCSOFT
[2014/04/11 01:11:28 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Notepad++
[2014/06/23 17:17:23 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\NuGet
[2014/02/14 19:56:55 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Origin
[2014/01/08 10:19:45 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\PlayClaw3
[2014/01/07 16:27:09 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\PowerISO
[2014/07/17 23:25:29 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\TS3Client
[2014/07/17 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
 

 


  • 0


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, that does not look too bad. Alas, it shows the perils of pirated software, even if you do own a legal copy.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[CREATERESTOREPOINT]

:OTL
O4 - HKCU..\Run: [IsuvtItdav] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
[2014/07/16 01:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\IsuvtItdav

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3
vartan93


    New Member

  • Topic Starter
  • Member
  • 4 posts

Here is the log I got from the OTL quick search after I did the run fix.

 

 

OTL logfile created on: 7/22/2014 4:59:20 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vart\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.99 Gb Total Physical Memory | 4.92 Gb Available Physical Memory | 82.11% Memory free
11.98 Gb Paging File | 10.83 Gb Available in Paging File | 90.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 303.63 Gb Free Space | 65.20% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 128.19 Gb Free Space | 27.52% Space Free | Partition Type: NTFS
 
Computer Name: VART-PC | User Name: Vart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/22 16:54:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
PRC - [2014/06/15 10:36:34 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/17 03:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/30 20:57:14 | 000,087,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2014/02/15 00:35:02 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/09/12 00:14:40 | 000,390,672 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2010/02/02 16:03:05 | 000,015,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/15 10:36:34 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/06/10 13:35:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/29 10:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/02/20 00:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2014/01/07 17:49:01 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 03:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/22 04:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/19 19:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/23 07:11:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/05/12 13:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/12/07 20:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 20:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 49320178
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/01/07 16:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Extensions
[2014/07/16 22:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions
[2014/01/07 16:55:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/07/10 14:07:35 | 000,976,990 | ---- | M] () (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
[2014/06/05 00:38:40 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/10 13:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/10 13:35:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/07/22 16:56:00 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [HP Photosmart 7520 series (NET)] C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A712C3-F9B8-4C97-9106-92EF7A28FD7A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\install\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/22 16:55:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/22 16:54:25 | 000,000,000 | ---D | C] -- C:\Users\Vart\Desktop\downloads
[2014/07/22 16:54:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
[2014/07/16 01:38:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-SHOC
[2014/07/03 11:29:54 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\Guild Wars 2
[2014/07/01 20:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2014/07/01 20:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2014/07/01 20:54:50 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\Guild Wars 2
[2014/06/28 15:27:53 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\PAYDAY 2 - Before Character Wipe
[2014/06/25 11:42:24 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\Valdis_Story_AC
[2014/06/25 10:26:13 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\BetterDS3
[2014/06/24 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\survarium
[2014/06/24 14:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014/06/23 17:17:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\NuGet
[2014/06/23 17:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2014/06/23 17:12:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0
[2014/06/23 17:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Silverlight Kits
[2014/06/23 17:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
[2014/06/23 17:08:23 | 000,000,000 | ---D | C] -- C:\Users\Vart\Documents\Visual Studio 2013
[2014/06/23 17:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XDE
[2014/06/23 17:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/06/23 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/06/23 17:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
[2014/06/23 17:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Workflow Manager Tools
[2014/06/23 17:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Open XML SDK
[2014/06/23 17:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Identity Extensions
[2014/06/23 17:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Identity Foundation
[2014/06/23 17:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Identity Foundation
[2014/06/23 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\SharePoint Client Components
[2014/06/23 17:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014/06/23 17:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/06/23 17:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/06/23 17:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2014/06/23 17:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2014/06/23 16:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2014/06/23 16:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2014/06/23 16:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2014/06/23 16:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2014/06/23 16:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/06/23 16:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Web Tools
[2014/06/23 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express
[2014/06/23 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS Express
[2014/06/23 16:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NuGet
[2014/06/23 16:53:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2014/06/23 16:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WCF Data Services
[2014/06/23 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2014/06/23 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2014/06/23 16:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2014/06/23 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Kits
[2014/06/23 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2014/06/23 16:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2014/06/23 16:48:12 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2014/06/23 16:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2014/06/23 16:47:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2014/06/23 16:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/06/23 16:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
[2014/06/23 16:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2014/06/23 16:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 12.0
[2014/06/23 16:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2014/06/23 16:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 12.0
[2014/06/23 16:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2014/06/23 16:37:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/06/23 16:37:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/23 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Roaming\e-academy Inc
[2014/06/23 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Vart\AppData\Local\e-academy Inc
[2009/11/19 22:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll
[2009/11/19 22:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\adlmint.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/22 16:58:59 | 000,001,942 | ---- | M] () -- C:\Users\Vart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
[2014/07/22 16:58:19 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/22 16:58:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/22 16:58:05 | 529,883,135 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/22 16:56:00 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/07/22 16:54:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vart\Desktop\OTL.exe
[2014/07/22 16:13:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/22 10:09:32 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/22 10:09:32 | 000,661,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/22 10:09:32 | 000,121,524 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/22 09:23:58 | 000,026,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/22 09:23:58 | 000,026,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/17 20:30:45 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/07/17 20:30:45 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/13 22:29:03 | 653,766,549 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/13 14:13:11 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/06/24 08:21:06 | 005,015,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/23 16:39:33 | 000,773,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2014/06/13 16:36:31 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/06/13 16:36:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/01/24 11:43:37 | 000,004,535 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamStudio.cfg
[2014/01/24 11:43:37 | 000,000,408 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamShapes.ini
[2014/01/24 11:43:37 | 000,000,408 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\CamLayout.ini
[2014/01/24 11:43:37 | 000,000,052 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\Camdata.ini
[2014/01/24 11:40:52 | 000,000,096 | ---- | C] () -- C:\Users\Vart\AppData\Roaming\version2.xml
[2014/01/17 13:08:15 | 000,000,000 | -HS- | C] () -- C:\Users\Vart\AppData\Local\LumaEmu
[2014/01/08 15:31:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/01/08 10:18:31 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\tmb1-v32.dll
[2014/01/07 18:03:13 | 000,773,536 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/04 23:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013/08/04 23:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 20:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 20:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/08 13:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\.minecraft
[2014/07/21 09:30:52 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Audacity
[2014/02/15 00:35:31 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Autodesk
[2014/01/24 11:44:39 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\BANDISOFT
[2014/02/08 21:57:18 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Battle.net
[2014/05/10 12:53:28 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\DMCache
[2014/06/23 16:31:17 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\e-academy Inc
[2014/07/01 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Guild Wars 2
[2014/07/14 02:10:11 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\HandBrake
[2014/02/22 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\MotioninJoy
[2014/05/26 11:30:22 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\NCSOFT
[2014/04/11 01:11:28 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Notepad++
[2014/06/23 17:17:23 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\NuGet
[2014/02/14 19:56:55 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\Origin
[2014/01/08 10:19:45 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\PlayClaw3
[2014/01/07 16:27:09 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\PowerISO
[2014/07/19 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\TS3Client
[2014/07/22 00:06:29 | 000,000,000 | ---D | M] -- C:\Users\Vart\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
 



#4
vartan93


    New Member

  • Topic Starter
  • Member
  • 4 posts

Here is the log after I ran AdwCleaner.

 

 

# AdwCleaner v3.216 - Report created 22/07/2014 at 17:05:49
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Vart - VART-PC
# Running from : C:\Users\Vart\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Vart\AppData\Local\Mail.Ru

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Vart\AppData\Roaming\Mozilla\Firefox\Profiles\8z702g2t.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [824 octets] - [22/07/2014 17:04:56]
AdwCleaner[S0].txt - [748 octets] - [22/07/2014 17:05:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [807 octets] ##########
 



#5
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

How is the computer behaving now, as it looks quite clean?



#6
vartan93


    New Member

  • Topic Starter
  • Member
  • 4 posts

It's fine now, no errors.  Thanks for your help.



#7
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so the following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix



Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware.


Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:

#8
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





