
Browsing the web and image searching drags my laptop down to a snails


  • This topic is locked

#1
BearCavalry

  • Member
  • 141 posts

Hi people. I've been having a lot of trouble with my laptop lately, I would say for 3-4 months. Luckily for me, Mr. Rockmilk has helped me significantly (in this thread: http://www.geekstogo...ignificant-lag/).

Basically, doing simple things like surfing the web, browsing for images in Google Images, searching maps in Google Maps, and in general using Firefox and Chrome is extremely laggy. It sometimes takes 10-15 seconds for FF or Chrome to respond or to become active. Sometimes the browsers become grayed out, and nothing is clickable.

There are times when the browsers freeze for minutes at a time.
These types of things also happened when I need to work in Office, or Photoshop, or video editing.

 

I also followed the directions of Mr. Aura, where he told me to reset my FF to its original settings. However, that makes it so that all my extensions are gone. And I did have too many extensions, so I reinstalled less than half of what I had. But his suggestion of resetting FF did help with the image searching and map work.

But I'm thinking maybe there are more underlying problems in my W7.

I use Malwarebytes and Kaspersky and CCleaner.

*Update* Today (at 9:15PM 7/29/2014) I ran the Malwarebytes scan, and it did not find any malicious stuff.

& I am running my Kaspersky right now. Scan finished, it has not detected any infected files.

 

 

I attached a .txt file with the results from running OTL

Attached File: otl.txt (92.35KB, 148 downloads)

PRC - C:\Users\Rybak\Desktop\RESCUE\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Rybak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Corporation)
PRC - C:\Users\Rybak\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\KLS Soft\KLS Backup 2013 Professional\klsbservice.exe (KirySoft)
PRC - C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe (New Softwares.net)
PRC - C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe ( New Softwares.net)
PRC - C:\Windows\SysWOW64\WinFLService.exe (New Softwares.net)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\ace_update.exe ()
PRC - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
PRC - C:\Users\Rybak\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe ()
PRC - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll ()
MOD - c:\Users\Rybak\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmxsmpa.dll ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_ssl.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._controls_.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._windows_.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._gdi_.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_hashlib.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\unicodedata.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\pyexpat.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32file.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\PyWinTypes27.dll ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32security.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._html2.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32inet.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_multiprocessing.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32pdh.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32pipe.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32event.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32profile.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\select.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\hashobjs_ext.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._core_.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._misc_.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\pythoncom27.dll ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32com.shell.shell.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32gui.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_elementtree.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._wizard.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32api.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_ctypes.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\wx._animate.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\_socket.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32process.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32ts.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Temp\_MEI32842\win32crypt.pyd ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.P0071ad0b#\d05da467c365579eac9cba7923856b1c\Microsoft.Practices.Prism.Interactivity.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359e693030a92977455667e67fb74267\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.P4d3ce419#\66170d519f0c7f74d9578bbd6c66d86c\Microsoft.Practices.ServiceLocation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f7f05deb53e1502b575bfc3ef7bdbcf1\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\549aa924ef5af7232f4024eb6f8cb97a\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\50c0f8e6740b97c74e9ee6c14a92bae6\System.ServiceModel.ni.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_blist.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\58599be6aedb2bcc25a266fc1efcc03c\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75537eea06d1200805de72f3f7751091\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\19156dbc54c3ded7ba00c53d19b6ee96\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a2eb039301af47660eebc7566ce02b9c\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9fe579783a35b57dd7e69375f35e239\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef90aeb894485d14b249d102309b6df3\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\ae01d58bd1cb283ec7b603919e2a8fb3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d91f3556f8011a5d48e1448e3fa8df9e\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4e69f1e7d86d79012db2d7e0dadc8880\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\639f444db9491d25b5d158531e1f7d9b\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\045c9588954c3662d542b53f4462268b\mscorlib.ni.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\ace_update.exe ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd ()
MOD - C:\Users\Rybak\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe ()
MOD - C:\Users\Rybak\AppData\Local\Programs\TouchFreeze\TouchFreeze.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\win32api.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\win32api.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\win32file.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\win32file.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_html_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_html_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_adv_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_adv_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wxmsw28uh_core_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wxmsw28uh_core_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_net_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_net_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\wxbase28uh_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\wxbase28uh_vc.dll ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\_socket.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_socket.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\select.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\select.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Users\Rybak\AppData\Roaming\ACEStream\engine\lib\apsw.pyd ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FoxitCloudUpdateService) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (ArcService) -- C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe (Perfect World Entertainment Inc)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (KLSBackup2013Pro) -- C:\Program Files (x86)\KLS Soft\KLS Backup 2013 Professional\klsbservice.exe (KirySoft)
SRV - (FLService) -- C:\Windows\SysWOW64\WinFLService.exe (New Softwares.net)
SRV - (ADExchange) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (ArcSoft, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Kaspersky Lab ZAO)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (DragonSvc) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klflt) -- C:\Windows\SysNative\drivers\klflt.sys (Kaspersky Lab ZAO)
DRV:64bit: - (SEE) -- C:\Windows\SysNative\drivers\see.sys (SoftEther VPN Project at University of Tsukuba, Japan.)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Neo_VPN) -- C:\Windows\SysNative\drivers\Neo_0117.sys (SoftEther Project at University of Tsukuba, Japan.)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (TS_AR5416) -- C:\Windows\SysNative\drivers\ts_athwx.sys (TamoSoft)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klpd) -- C:\Windows\SysNative\drivers\klpd.sys (Kaspersky Lab ZAO)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (DFX11_1) -- C:\Windows\SysNative\drivers\dfx11_1x64.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (anvsnddrv) -- C:\Windows\SysNative\drivers\anvsnddrv.sys (AnvSoft Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (fspad_win764) -- C:\Windows\SysNative\drivers\fspad_win764.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (cdrbsdrv) -- C:\Windows\SysWow64\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (NEWDRIVER) -- C:\Windows\SysWOW64\WinVDEdrv6.sys ()
DRV - (WinVDEDrv) -- C:\Windows\SysWOW64\WinVDEdrv.sys (NewSoftwares.net, Inc.)
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 02 19 69 9E CA CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{03767D78-CF21-41A5-BA55-E41A3D69C659}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ussemispecialgbit014a.xirvik.com:7128
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7Bcd617375-6743-4ee8-bac4-fbf10f35729e%7D:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0%7D:1.2.7.0
FF - prefs.js..extensions.enabledAddons: %7B03B08592-E5B4-45ff-A0BE-C1D975458688%7D:1.0
FF - prefs.js..extensions.enabledAddons: twitter%40disconnect.me:2.1.2
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.1.1
FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2014.07.06.05
FF - prefs.js..extensions.enabledAddons: sitesearch%40dewdrops.net:1.2.1
FF - prefs.js..extensions.enabledAddons: myipms2%40myip.ms:1.591
FF - prefs.js..extensions.enabledAddons: facebook%40disconnect.me:2.1.3
FF - prefs.js..extensions.enabledAddons: LDSI_plashcor%40gmail.com:1.0.3
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8:  File not found
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.10.2: C:\Users\Rybak\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Rybak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 03:17:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 03:17:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 03:17:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 03:17:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 03:17:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012/07/18 21:54:16 | 000,136,026 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files (x86)\Flock\components [2014/05/03 21:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files (x86)\Flock\plugins [2014/05/03 21:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/23 01:37:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: D:\Program Files (x86)\Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: D:\Program Files (x86)\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Rybak\AppData\Roaming\ACEStream\extensions\firefox\[email protected] [2014/07/10 12:06:14 | 000,000,000 | ---D | M]
 
[2014/01/27 19:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Extensions
[2013/11/10 14:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2014/01/27 19:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/29 08:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions
[2014/07/29 08:29:58 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2014/07/29 08:29:56 | 000,000,000 | ---D | M] (Whois & Flags Firefox & Websites Popularity Rating) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:55 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:56 | 000,344,276 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:19:41 | 000,458,672 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\CSTBB@NArisT2_Noia4dev.xpi
[2014/07/29 08:18:13 | 000,126,171 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:56 | 000,035,735 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:56 | 000,139,960 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:55 | 000,007,152 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:55 | 000,179,297 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:27:16 | 000,023,913 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:55 | 000,035,303 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:13 | 000,046,596 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\[email protected]
[2014/07/29 08:29:55 | 000,009,253 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi
[2014/07/29 08:29:34 | 000,093,296 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014/07/29 08:29:55 | 000,065,849 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2014/07/29 08:18:05 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Rybak\AppData\Roaming\Mozilla\Firefox\Profiles\o71z7696.default-1406590195578\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/07/23 01:37:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/23 01:37:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: eBay = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom\2.0.0_0\
CHR - Extension: Facebook = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Omnibox Site Search = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckcidchbmodjccllbmegoignhmidncg\1.0_0\
CHR - Extension: Adblock Plus = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Search by Image (by Google) = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.1_0\
CHR - Extension: Tampermonkey = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8_0\
CHR - Extension: HTML Revealer and Password Revealer = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeopcldenngppapceagonnenonklpbn\2.0_0\
CHR - Extension: The QR Code Generator = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb\0.2.6_0\
CHR - Extension: AdBlock = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.8_0\
CHR - Extension: LastPass: Free Password Manager = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.45_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.4.4_0\
CHR - Extension: Media file downloader = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbkckdkhakengfjmejmiabaakdlhaab\2.0_0\
CHR - Extension: Webcam Toy = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
CHR - Extension: FVD Downloader = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.9.5_0\
CHR - Extension: Speed Dial [FVD] - New Tab Page, 3D, Sync... = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\5.5.4_0\
CHR - Extension: SaveFrom.net helper = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl\3.70_0\
CHR - Extension: AS Magic Player = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.0_0\
CHR - Extension: Awesome New Tab Page™ = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2014.112.31_0\
CHR - Extension: USA Independence Day Theme = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgggmlhfbnbhbkeogednenglhggdfif\1_0\
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: Project Naptha = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf\0.9.3_0\
CHR - Extension: LastPass Vault = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf\2.0.21_0\
CHR - Extension: MuteTab = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.12_0\
CHR - Extension: Google Wallet = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Personal Blocklist (by Google) = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\2.5.1_0\
CHR - Extension: OverTask = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeiijfgmbaopeehamdhiiepidbpfkcda\1.0.0.3_0\
CHR - Extension: MyHarmony Chrome Plugin = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf\1.2.0.0_1\
CHR - Extension: better Browser - for Chrome = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh\3.9_0\
CHR - Extension: Gmail = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Rybak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_1\
 
O1 HOSTS File: ([2014/07/19 11:36:17 | 000,000,840 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [AceStream] C:\Users\Rybak\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
O4 - HKCU..\Run: [FBackup 5 Tray Agent]  File not found
O4 - HKCU..\Run: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe (New Softwares.net)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [icq] C:\Users\Rybak\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Rybak\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [TouchFreeze] C:\Users\Rybak\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe ()
O4 - HKLM..\RunOnce: [NSIS.Library.RegTool.v3] C:\Program Files (x86)\FileZilla FTP Client\NSIS.Library.RegTool.v3.{1C7A7C4A-F4A1-4DF5-A32F-7D44A70DB737}.exe ()
O4 - Startup: C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rybak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39A62D84-5369-47FE-91A4-70B26301F3FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85152643-06AE-4E27-B0DC-622EC7F2DFEB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e803f2c5-fa49-11e3-b234-00ac473cb173}\Shell - "" = AutoRun
O33 - MountPoints2\{e803f2c5-fa49-11e3-b234-00ac473cb173}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/28 22:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/07/28 22:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/07/28 22:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check My Specs 2012 v3
[2014/07/28 18:30:01 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\Old Firefox Data
[2014/07/26 16:39:20 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\tiger-k
[2014/07/26 16:39:17 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\Leawo
[2014/07/26 16:39:17 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Leawo
[2014/07/26 16:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2014/07/26 16:39:09 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\SysWow64\xvidcore.dll
[2014/07/26 16:39:09 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\SysWow64\xvid.ax
[2014/07/26 16:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2014/07/26 16:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014/07/26 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2014/07/26 16:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Leawo
[2014/07/25 11:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MultiBit-0.5.18
[2014/07/25 11:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit
[2014/07/23 17:14:56 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014/07/23 17:14:55 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Ubisoft Game Launcher
[2014/07/23 13:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2014/07/23 12:27:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/23 07:45:23 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Fallout3
[2014/07/23 01:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/22 23:38:55 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RecoveryMechanic
[2014/07/22 23:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoveryMechanic
[2014/07/22 23:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RecoveryMechanic
[2014/07/22 18:23:11 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Aurora 3D Animation Maker
[2014/07/21 06:43:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/21 06:40:28 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\FarCry 3 OG Files
[2014/07/21 06:29:01 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\FarCry3 Mods
[2014/07/20 11:52:58 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aoao Video to GIF Converter
[2014/07/20 11:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\Aoao Video to GIF Converter
[2014/07/19 20:05:38 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Futuremark_Corporation
[2014/07/19 20:02:07 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\PCMark 7
[2014/07/19 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\IsolatedStorage
[2014/07/19 19:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NovaTech Network
[2014/07/19 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaBench
[2014/07/19 19:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Novawave
[2014/07/19 19:27:51 | 000,000,000 | R--D | C] -- C:\Users\Rybak\Searches
[2014/07/19 11:54:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/07/19 11:52:40 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/07/19 11:52:40 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Temp
[2014/07/19 11:42:23 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\RESCUE
[2014/07/19 09:25:55 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/19 08:53:11 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/18 20:53:40 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\UA-Su25
[2014/07/18 18:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\FLEXnet
[2014/07/16 20:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0
[2014/07/16 20:36:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IVA
[2014/07/16 20:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nuance
[2014/07/16 20:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2014/07/16 20:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2014/07/16 20:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nuance
[2014/07/16 20:29:15 | 000,131,856 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2014/07/16 20:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2014/07/16 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Focus Home Interactive
[2014/07/15 14:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP-MAC Scanner
[2014/07/15 14:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AthTek
[2014/07/13 19:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\PowerISO
[2014/07/13 19:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2014/07/13 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\CrashRpt
[2014/07/12 14:27:33 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\StarCraft II
[2014/07/12 10:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\IDMComp
[2014/07/12 10:25:45 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\IDMComp
[2014/07/12 10:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit
[2014/07/12 10:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDM Computer Solutions
[2014/07/11 17:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2014/07/10 16:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/07/10 16:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/07/10 16:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/07/10 16:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/07/10 16:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/07/10 16:28:13 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Nero
[2014/07/10 16:17:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2014/07/10 16:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2014/07/10 16:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2014/07/10 16:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2014/07/10 11:56:38 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Apple
[2014/07/10 11:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2014/07/10 11:21:53 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\Natasha
[2014/07/10 10:56:15 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\Shpack
[2014/07/08 13:53:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/07 22:14:27 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XML Viewer
[2014/07/07 22:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MindFusion Limited
[2014/07/07 20:40:25 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\HUA
[2014/07/07 13:00:23 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Skyrim - Legendary Edition
[2014/07/07 13:00:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2014/07/07 12:49:27 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Skyrim
[2014/07/06 23:09:19 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Electrum
[2014/07/06 17:30:24 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\Games for Windows - LIVE Demos
[2014/07/05 09:09:13 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Desktop\Ukraine Trip - Mama
[2014/07/03 19:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/07/03 14:24:07 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\LogoMaker
[2014/07/03 14:24:06 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\LogoMaker
[2014/07/03 14:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5
[2014/07/03 14:22:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Studio V5
[2014/07/03 12:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\REVOLT
[2014/07/03 04:23:32 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\Laughingbird Documents
[2014/07/03 04:05:12 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
[2014/07/03 04:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bitcoin
[2014/07/03 03:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2014/07/01 22:36:52 | 000,000,000 | R--D | C] -- C:\Drive
[2014/07/01 21:43:09 | 000,000,000 | ---D | C] -- C:\Users\Rybak\Documents\Larian Studios
[2014/07/01 16:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2014/07/01 16:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2014/07/01 16:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/07/01 15:17:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2014/06/30 01:17:08 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Roaming\uTorrent
[2014/06/29 10:28:46 | 000,000,000 | ---D | C] -- C:\Users\Rybak\AppData\Local\Sniper3
[2013/02/24 20:59:34 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/29 03:47:09 | 000,000,600 | ---- | M] () -- C:\Users\Rybak\AppData\Local\PUTTY.RND
[2014/07/29 03:34:37 | 000,078,762 | ---- | M] () -- C:\Users\Rybak\Desktop\Last.Week.Tonight.With.John.Oliver.S01E11.720p.HDTV.x264-BATV.torrent
[2014/07/28 22:19:51 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/07/28 22:16:30 | 000,112,905 | ---- | M] () -- C:\Users\Rybak\Desktop\gpuz.jpg
[2014/07/28 22:09:53 | 000,006,465 | ---- | M] () -- C:\Users\Rybak\Desktop\[rutracker.org].t4668567.torrent
[2014/07/28 18:17:48 | 000,039,709 | ---- | M] () -- C:\Users\Rybak\Desktop\1234683_10154443852670440_4629939098936341722_n.jpg
[2014/07/28 18:12:18 | 000,043,537 | ---- | M] () -- C:\Users\Rybak\Desktop\35948.gif
[2014/07/28 15:13:14 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/28 15:13:14 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/28 01:00:51 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2014/07/27 20:33:33 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/27 20:33:33 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/27 20:33:33 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/27 15:35:47 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/27 15:07:43 | 000,000,380 | ---- | M] () -- C:\Users\Rybak\AppData\Roaming\sp_data.sys
[2014/07/27 15:07:36 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2014/07/26 19:39:25 | 000,090,356 | ---- | M] () -- C:\Users\Rybak\Desktop\error.jpg
[2014/07/26 16:39:09 | 000,001,225 | ---- | M] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\Video Converter Pro.lnk
[2014/07/26 16:39:09 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\Leawo Video Converter Pro.lnk
[2014/07/25 11:46:19 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\MultiBit 0.5.18.lnk
[2014/07/25 03:31:03 | 000,001,049 | ---- | M] () -- C:\Users\Rybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/07/24 13:15:30 | 000,086,016 | ---- | M] () -- C:\Users\Rybak\Desktop\appts.pdf
[2014/07/23 17:19:18 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/07/23 17:19:18 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/23 17:14:56 | 000,001,197 | ---- | M] () -- C:\Users\Rybak\Desktop\Uplay.lnk
[2014/07/23 16:47:50 | 000,001,282 | ---- | M] () -- C:\Users\Rybak\Desktop\Far Cry 3.lnk
[2014/07/23 16:30:38 | 000,282,512 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/07/23 16:30:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/07/22 20:27:37 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/22 20:27:37 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/20 11:52:58 | 000,000,967 | ---- | M] () -- C:\Users\Rybak\Desktop\Aoao Video to GIF Converter.lnk
[2014/07/19 11:36:17 | 000,000,840 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/07/19 11:34:52 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/07/19 06:20:46 | 000,007,605 | ---- | M] () -- C:\Users\Rybak\AppData\Local\Resmon.ResmonCfg
[2014/07/18 18:22:59 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2014/07/18 14:45:13 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2014/07/16 20:37:21 | 000,002,799 | ---- | M] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2014/07/15 19:12:22 | 000,002,867 | ---- | M] () -- C:\Users\Rybak\Desktop\Nero Burning ROM.lnk
[2014/07/15 14:47:37 | 000,001,124 | ---- | M] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\IP-MAC Scanner.lnk
[2014/07/15 14:47:37 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\IP-MAC Scanner.lnk
[2014/07/14 02:52:26 | 000,000,851 | ---- | M] () -- C:\Users\Rybak\Desktop\µTorrent.lnk
[2014/07/14 02:52:26 | 000,000,831 | ---- | M] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/07/13 22:37:08 | 000,001,089 | ---- | M] () -- C:\Users\Rybak\Desktop\FastStone Capture.lnk
[2014/07/12 10:23:26 | 000,002,084 | ---- | M] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk
[2014/07/12 10:23:26 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\UltraEdit.lnk
[2014/07/11 17:18:24 | 000,001,378 | ---- | M] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2014/07/11 17:18:24 | 000,001,354 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/07/10 17:52:40 | 000,002,218 | ---- | M] () -- C:\Users\Rybak\Desktop\Google Chrome.lnk
[2014/07/10 16:38:26 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/07/10 16:18:27 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
[2014/07/10 11:43:49 | 008,324,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/07 21:22:57 | 000,000,773 | ---- | M] () -- C:\Users\Rybak\Desktop\index.html
[2014/07/07 16:21:06 | 000,000,891 | ---- | M] () -- C:\Users\Rybak\Desktop\Mozilla Thunderbird.lnk
[2014/07/07 13:42:07 | 000,000,949 | ---- | M] () -- C:\Users\Rybak\Desktop\Skyrim (SKSE).lnk
[2014/07/07 13:00:23 | 000,000,820 | ---- | M] () -- C:\Users\Rybak\Desktop\Skyrim - Legendary Edition.lnk
[2014/07/06 08:25:32 | 000,004,113 | ---- | M] () -- C:\Users\Rybak\Desktop\Games to Download.ods
[2014/07/04 17:05:16 | 000,000,707 | ---- | M] () -- C:\Users\Rybak\Desktop\Digital Pictures.lnk
[2014/07/03 19:48:53 | 000,000,220 | ---- | M] () -- C:\Users\Rybak\Desktop\Sid Meier's Civilization V.url
[2014/07/02 13:14:25 | 000,001,393 | ---- | M] () -- C:\Users\Rybak\Desktop\Opera.lnk
[2014/07/01 20:51:40 | 071,006,772 | ---- | M] () -- C:\Users\Rybak\Desktop\HardNox - At The Sapphire.mp4
[2014/07/01 16:46:35 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2014/07/01 16:02:19 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/29 03:34:37 | 000,078,762 | ---- | C] () -- C:\Users\Rybak\Desktop\Last.Week.Tonight.With.John.Oliver.S01E11.720p.HDTV.x264-BATV.torrent
[2014/07/28 22:19:51 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/07/28 22:16:30 | 000,112,905 | ---- | C] () -- C:\Users\Rybak\Desktop\gpuz.jpg
[2014/07/28 22:09:53 | 000,006,465 | ---- | C] () -- C:\Users\Rybak\Desktop\[rutracker.org].t4668567.torrent
[2014/07/28 18:17:48 | 000,039,709 | ---- | C] () -- C:\Users\Rybak\Desktop\1234683_10154443852670440_4629939098936341722_n.jpg
[2014/07/28 18:12:18 | 000,043,537 | ---- | C] () -- C:\Users\Rybak\Desktop\35948.gif
[2014/07/26 19:39:25 | 000,090,356 | ---- | C] () -- C:\Users\Rybak\Desktop\error.jpg
[2014/07/26 16:39:09 | 000,001,225 | ---- | C] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\Video Converter Pro.lnk
[2014/07/26 16:39:09 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\Leawo Video Converter Pro.lnk
[2014/07/26 16:39:02 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014/07/25 11:46:19 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\MultiBit 0.5.18.lnk
[2014/07/24 13:15:29 | 000,086,016 | ---- | C] () -- C:\Users\Rybak\Desktop\appts.pdf
[2014/07/23 17:14:56 | 000,001,197 | ---- | C] () -- C:\Users\Rybak\Desktop\Uplay.lnk
[2014/07/23 16:47:50 | 000,001,282 | ---- | C] () -- C:\Users\Rybak\Desktop\Far Cry 3.lnk
[2014/07/23 16:30:38 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/23 16:30:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/07/20 11:52:58 | 000,000,967 | ---- | C] () -- C:\Users\Rybak\Desktop\Aoao Video to GIF Converter.lnk
[2014/07/19 11:52:41 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/07/19 06:20:46 | 000,007,605 | ---- | C] () -- C:\Users\Rybak\AppData\Local\Resmon.ResmonCfg
[2014/07/18 18:22:59 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2014/07/16 20:37:21 | 000,002,799 | ---- | C] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
[2014/07/15 19:12:22 | 000,002,867 | ---- | C] () -- C:\Users\Rybak\Desktop\Nero Burning ROM.lnk
[2014/07/15 14:47:37 | 000,001,124 | ---- | C] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\IP-MAC Scanner.lnk
[2014/07/15 14:47:37 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\IP-MAC Scanner.lnk
[2014/07/13 22:37:08 | 000,001,089 | ---- | C] () -- C:\Users\Rybak\Desktop\FastStone Capture.lnk
[2014/07/12 10:23:26 | 000,002,084 | ---- | C] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk
[2014/07/12 10:23:26 | 000,002,060 | ---- | C] () -- C:\Users\Public\Desktop\UltraEdit.lnk
[2014/07/11 17:18:24 | 000,001,378 | ---- | C] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2014/07/11 17:18:24 | 000,001,354 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/07/10 17:52:40 | 000,002,218 | ---- | C] () -- C:\Users\Rybak\Desktop\Google Chrome.lnk
[2014/07/10 16:38:26 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/07/10 16:18:27 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
[2014/07/10 10:47:53 | 000,314,048 | ---- | C] () -- C:\Users\Rybak\Desktop\Games for Windows LIVE Disabler.exe
[2014/07/07 19:27:35 | 000,000,773 | ---- | C] () -- C:\Users\Rybak\Desktop\index.html
[2014/07/07 16:21:06 | 000,000,891 | ---- | C] () -- C:\Users\Rybak\Desktop\Mozilla Thunderbird.lnk
[2014/07/07 13:42:07 | 000,000,949 | ---- | C] () -- C:\Users\Rybak\Desktop\Skyrim (SKSE).lnk
[2014/07/07 13:00:23 | 000,000,820 | ---- | C] () -- C:\Users\Rybak\Desktop\Skyrim - Legendary Edition.lnk
[2014/07/04 17:05:16 | 000,000,707 | ---- | C] () -- C:\Users\Rybak\Desktop\Digital Pictures.lnk
[2014/07/03 19:48:53 | 000,000,220 | ---- | C] () -- C:\Users\Rybak\Desktop\Sid Meier's Civilization V.url
[2014/07/02 13:14:25 | 000,001,393 | ---- | C] () -- C:\Users\Rybak\Desktop\Opera.lnk
[2014/07/01 20:48:36 | 071,006,772 | ---- | C] () -- C:\Users\Rybak\Desktop\HardNox - At The Sapphire.mp4
[2014/07/01 16:02:19 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/30 01:17:46 | 000,000,851 | ---- | C] () -- C:\Users\Rybak\Desktop\µTorrent.lnk
[2014/06/30 01:17:46 | 000,000,831 | ---- | C] () -- C:\Users\Rybak\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2014/06/17 15:34:47 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2014/06/07 18:40:51 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\ISCM64.dll
[2014/06/07 18:40:51 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\ISCM32.dll
[2014/06/03 13:38:31 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2014/05/30 15:18:32 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2014/05/30 11:22:37 | 001,198,476 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/05/29 20:59:04 | 000,005,632 | ---- | C] () -- C:\Users\Rybak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/05/29 04:11:49 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014/04/30 23:24:06 | 000,000,600 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\PUTTY.RND
[2014/04/28 16:17:41 | 000,001,478 | ---- | C] () -- C:\Users\Rybak\AppData\Local\recently-used.xbel
[2014/02/17 22:58:00 | 000,000,132 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2014/01/28 11:50:21 | 000,000,600 | ---- | C] () -- C:\Users\Rybak\AppData\Local\PUTTY.RND
[2014/01/18 13:17:08 | 000,000,340 | ---- | C] () -- C:\Users\Rybak\AppData\Local\HackLogs.dat
[2014/01/17 22:15:31 | 000,000,620 | -HS- | C] () -- C:\Users\Rybak\AppData\Local\settingsFL.dat
[2014/01/17 21:58:07 | 000,001,213 | -HS- | C] () -- C:\Users\Rybak\AppData\Local\win_fldb_sys.dat
[2014/01/17 21:58:07 | 000,000,693 | -HS- | C] () -- C:\Windows\SysWow64\win_fldb_sys.dat
[2014/01/17 21:55:46 | 000,000,700 | -HS- | C] () -- C:\Users\Rybak\AppData\Local\systemFL7.dat
[2014/01/17 21:47:04 | 000,003,465 | -HS- | C] () -- C:\Windows\SysWow64\win_stlthdb_sys.dat
[2014/01/17 21:47:04 | 000,003,465 | -HS- | C] () -- C:\Users\Rybak\AppData\Local\win_stlthdb_sys.dat
[2014/01/17 21:44:55 | 000,034,816 | ---- | C] () -- C:\Windows\SysWow64\WinFLAdrv.sys
[2014/01/17 21:44:54 | 000,197,648 | ---- | C] () -- C:\Windows\SysWow64\WinVDEdrv6.sys
[2014/01/17 21:44:38 | 000,014,024 | ---- | C] () -- C:\Windows\SysWow64\WinFLMsgService.exe
[2014/01/17 21:44:37 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nwsftUninstall.exe
[2013/12/27 03:45:59 | 000,000,262 | ---- | C] () -- C:\Users\Rybak\uacossack.inkyp
[2013/12/07 05:46:16 | 000,355,840 | ---- | C] () -- C:\Windows\SysWow64\LiveWrapRTSP.dll
[2013/11/23 21:55:56 | 000,000,037 | -HS- | C] () -- C:\Users\Rybak\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/11/19 18:35:30 | 000,000,132 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/11/10 14:13:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2013/11/07 20:15:59 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/11/02 10:30:28 | 000,000,012 | ---- | C] () -- C:\Windows\wind3264st.dat
[2013/10/23 03:54:57 | 000,000,600 | ---- | C] () -- C:\Users\Rybak\PUTTY.RND
[2013/10/19 19:14:53 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2013/10/18 18:50:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2013/10/18 16:30:37 | 000,004,545 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\CamStudio.cfg
[2013/10/18 16:30:37 | 000,000,408 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\CamShapes.ini
[2013/10/18 16:30:37 | 000,000,408 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\CamLayout.ini
[2013/10/18 16:30:37 | 000,000,100 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\Camdata.ini
[2013/10/18 16:18:49 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2013/10/18 12:56:45 | 000,775,084 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/17 13:56:20 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2013/10/16 16:52:40 | 000,000,380 | ---- | C] () -- C:\Users\Rybak\AppData\Roaming\sp_data.sys
[2013/10/16 16:48:33 | 000,001,313 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2013/10/16 16:48:33 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2013/10/16 16:48:33 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2013/10/16 16:48:32 | 000,185,856 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/10/16 16:48:32 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/07/04 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\.ACEStream
[2014/06/10 13:59:10 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\.mono
[2013/12/02 18:22:20 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\ACEStream
[2013/12/19 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\AMS Software
[2014/02/13 09:07:32 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\AnvSoft
[2014/03/23 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Apowersoft
[2014/04/19 02:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Arc
[2013/10/20 08:59:06 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Ashampoo
[2013/12/22 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Asterisk Password Decryptor
[2013/11/24 17:24:24 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Awesomium
[2013/10/24 09:57:12 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Bigasoft Video Downloader Pro
[2014/07/06 23:06:41 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Bitcoin
[2013/12/19 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Chamber
[2013/12/04 18:39:24 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Digital Confidence
[2014/06/18 22:20:54 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\DiskDefrag
[2014/07/25 04:23:39 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\DiskSpaceFan
[2014/07/27 15:07:52 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Dropbox
[2013/12/13 17:37:55 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Durbetsel 6.3
[2014/07/06 23:09:45 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Electrum
[2013/11/15 18:21:32 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\FaceOffMax
[2014/07/29 07:57:43 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\FileZilla
[2013/11/10 14:13:42 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Flock
[2014/05/30 12:32:20 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Foxit Software
[2013/11/05 20:32:42 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\freac
[2014/01/23 22:35:29 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\FTPRush
[2014/05/31 16:40:35 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Globalscape
[2014/06/07 11:42:13 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\HandBrake
[2014/01/20 07:12:31 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Hensense.com
[2014/04/11 16:20:30 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\I2P
[2014/06/02 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\ICQ-Profile
[2014/06/02 13:19:09 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\ICQM
[2014/06/08 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\ImTOO
[2014/07/05 11:24:36 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\IObit
[2014/05/03 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\IrfanView
[2014/01/09 16:24:57 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\jagex_cache
[2014/02/04 05:58:35 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\KompoZer
[2014/05/20 09:43:17 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Leadertech
[2014/07/26 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Leawo
[2014/06/02 12:07:46 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\LibreOffice
[2014/01/06 23:19:57 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\LockHunter
[2014/07/03 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\LogoMaker
[2013/12/05 00:49:16 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Miranda
[2014/02/24 15:45:53 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\MouseMonitor
[2014/07/25 12:07:11 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\MultiBit
[2014/06/19 16:47:29 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\MusicBee
[2013/10/20 18:51:19 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\NeoDownloader
[2014/04/22 12:17:36 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\No Company Name
[2014/04/29 21:27:37 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Notepad++
[2014/01/10 12:58:17 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\OpenDNS Updater
[2014/02/02 21:15:41 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Opera Software
[2013/10/19 17:18:44 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Origin
[2014/01/19 18:12:44 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Passware
[2013/10/23 12:52:36 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\PDAppFlex
[2013/12/21 20:05:42 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\PearlMountain
[2014/06/14 08:43:15 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Pegasys Inc
[2014/07/13 19:18:37 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\PowerISO
[2013/10/19 16:37:25 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Preme for Windows
[2014/06/24 03:03:23 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\ProductData
[2013/11/02 10:47:47 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\RoboForm
[2014/07/07 13:00:23 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Skyrim - Legendary Edition
[2014/02/28 20:52:13 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Softland
[2014/06/02 16:24:40 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Spotify
[2013/10/28 16:11:25 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\TAC
[2013/12/07 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\TeamViewer
[2014/05/26 13:14:49 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Thunderbird
[2014/07/26 16:40:23 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\tiger-k
[2014/01/17 13:24:17 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\TightVNC
[2014/01/27 19:06:00 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\TomTom
[2014/01/03 16:48:58 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\TuneUp Software
[2013/11/22 18:35:22 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Unity
[2014/07/29 08:00:37 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\uTorrent
[2014/06/03 12:15:11 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Veronisoft
[2013/11/08 22:05:16 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Wargaming.net
[2014/05/25 12:08:27 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Xilisoft
[2013/12/24 02:15:17 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Xirrus
[2014/01/11 20:02:20 | 000,000,000 | ---D | M] -- C:\Users\Rybak\AppData\Roaming\Yandex
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2014/01/24 19:39:26 | 000,000,162 | -H-- | M] ()(C:\Users\Rybak\Desktop\~$??????? ?????.docx) -- C:\Users\Rybak\Desktop\~$??????? ?????.docx
[2014/01/24 19:39:26 | 000,000,162 | -H-- | C] ()(C:\Users\Rybak\Desktop\~$??????? ?????.docx) -- C:\Users\Rybak\Desktop\~$??????? ?????.docx
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 54 bytes -> C:\Users\Rybak\ntuser.ini:l_encryption_d
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1CE11B51
@Alternate Data Stream - 12 bytes -> C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
@Alternate Data Stream - 12 bytes -> C:\Users\Rybak\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

< End of report >
 

 

 

 

 

 

-------------------

 

Here are my computer specifications:

 

Here are the details of my Laptop PC.

u3jTHKD.jpg


Here are the specifications of my video card.

smX1Bo8.jpg

 

Thank you!!


Edited by CompCav, 02 August 2014 - 07:39 AM.



#2
BearCavalry


As part of my attempt to solve my Windows issues, I ran through all the programs with instructions that Rockmilk linked to in a response to one of my previous threads. Here is his reply with the link: http://www.geekstogo...g/#entry2419768.

 

Also, I don't know if this will help, but here is my computer information via Speccy: http://speccy.pirifo...6gNbTc21kEjVKQb

 

 

**Update 8/1/2014** Here are my scan results from Malwarebytes Anti-Malware. It found 3 PUP files, and I deleted them.

 

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Scan Date: 8/1/2014
Scan Time: 5:11:20 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.01.05
Rootkit Database: v2014.08.01.01

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 625309
Time Elapsed: 1 hr, 51 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected

Physical Sectors: 0
(No malicious items detected)


(end)


Edited by BearCavalry, 01 August 2014 - 06:09 PM.
