Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Possibly a virus. [Solved]

Started by Fatie32 , Oct 25 2014 12:48 PM

This topic is locked

#1
Fatie32

Posted 25 October 2014 - 12:48 PM

Member

Member
122 posts

Had a few strang pop ups as well as a process (my computers name).exe running at 100 percent cpu a few times.

OTL logfile created on: 10/25/2014 12:39:22 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17358)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.40 Gb Available Physical Memory | 67.91% Memory free

7.94 Gb Paging File | 5.12 Gb Available in Paging File | 64.40% Paging File free

Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 55.68 Gb Total Space | 6.71 Gb Free Space | 12.06% Space Free | Partition Type: NTFS

Drive D: | 1667.70 Gb Total Space | 1290.96 Gb Free Space | 77.41% Space Free | Partition Type: NTFS

Unable to calculate disk information.

Drive F: | 6.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MIKEY-PC | User Name: Mikey | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/10/25 12:31:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe

PRC - [2014/10/22 16:38:03 | 002,664,227 | -HS- | M] () -- C:\Users\Mikey\AppData\Roaming\amde.exe

PRC - [2014/10/21 13:22:40 | 001,529,536 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\bin\steamwebhelper.exe

PRC - [2014/10/21 13:22:38 | 001,938,624 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe

PRC - [2014/10/20 23:51:28 | 002,973,600 | ---- | M] (MicroStudio) -- C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe

PRC - [2014/10/09 20:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014/09/17 18:49:10 | 001,017,856 | ---- | M] (eRightSoft) -- C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe

PRC - [2014/09/16 20:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

PRC - [2014/09/16 20:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

PRC - [2014/09/13 14:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2014/09/05 23:22:44 | 002,284,128 | ---- | M] (MicroTools) -- C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe

PRC - [2014/09/02 09:35:36 | 000,281,448 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe

PRC - [2014/06/25 05:23:46 | 000,804,472 | ---- | M] () -- C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe

PRC - [2014/04/17 20:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Mikey\AppData\Local\Akamai\netsession_win.exe

PRC - [2014/03/11 22:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

PRC - [2013/12/30 15:07:06 | 000,307,928 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe

PRC - [2013/10/22 17:38:50 | 001,103,712 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

PRC - [2013/04/07 10:31:26 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2013/03/12 06:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

PRC - [2012/05/21 01:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/22 16:38:03 | 002,664,227 | -HS- | M] () -- C:\Users\Mikey\AppData\Roaming\amde.exe

MOD - [2014/10/21 13:22:58 | 002,226,880 | ---- | M] () -- D:\Program Files (x86)\Steam\video.dll

MOD - [2014/10/21 13:22:40 | 000,682,176 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll

MOD - [2014/10/16 03:34:19 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll

MOD - [2014/10/16 03:29:17 | 006,638,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll

MOD - [2014/10/16 03:28:59 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll

MOD - [2014/10/16 03:28:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll

MOD - [2014/10/16 03:28:50 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\2cf12fa95900b4488a6cb9e4aac51c5c\System.Xml.ni.dll

MOD - [2014/10/16 03:28:47 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll

MOD - [2014/10/16 03:28:36 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll

MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2014/10/09 20:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll

MOD - [2014/10/09 20:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll

MOD - [2014/10/09 20:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll

MOD - [2014/10/09 20:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

MOD - [2014/10/01 17:16:02 | 000,774,656 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll

MOD - [2014/09/18 17:03:44 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\0483c93466914f3fbd5b44454b0c8a98\Accessibility.ni.dll

MOD - [2014/09/18 17:03:31 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll

MOD - [2014/09/17 18:46:40 | 000,923,648 | -HS- | M] () -- C:\Program Files (x86)\eRightSoft\SUPER\spk\flvdec.spk

MOD - [2014/09/04 17:29:26 | 034,589,376 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2014/09/04 17:29:26 | 000,837,824 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

MOD - [2014/08/21 12:15:22 | 001,171,456 | ---- | M] () -- D:\Program Files (x86)\Steam\libavcodec-56.dll

MOD - [2014/08/21 12:15:22 | 000,485,888 | ---- | M] () -- D:\Program Files (x86)\Steam\libswscale-3.dll

MOD - [2014/08/21 12:15:22 | 000,442,368 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-54.dll

MOD - [2014/08/21 12:15:22 | 000,403,968 | ---- | M] () -- D:\Program Files (x86)\Steam\libavformat-56.dll

MOD - [2014/08/21 12:15:22 | 000,332,800 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-2.dll

MOD - [2014/06/25 05:23:46 | 000,804,472 | ---- | M] () -- C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe

MOD - [2014/03/20 16:49:19 | 002,952,704 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2014/03/07 11:03:58 | 000,109,712 | -HS- | M] () -- C:\Windows\SysWOW64\libbluray.dll

MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2013/09/26 13:50:14 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

MOD - [2013/09/26 13:49:28 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

MOD - [2012/10/05 19:54:00 | 000,188,416 | -HS- | M] () -- C:\Windows\SysWOW64\winDCE32.dll

MOD - [2011/06/14 20:05:10 | 000,121,344 | -HS- | M] () -- C:\Windows\SysWOW64\TAKDSDecoder.ax

MOD - [2011/02/11 10:26:20 | 000,112,128 | -HS- | M] () -- C:\Windows\SysWOW64\OptimFROG.dll

MOD - [2010/01/07 00:00:00 | 000,107,520 | -HS- | M] () -- C:\Windows\SysWOW64\TAKDSDecoder.dll

MOD - [2009/08/10 23:00:00 | 000,352,768 | -HS- | M] () -- C:\Windows\SysWOW64\ac3DX.ax

MOD - [2008/06/12 11:31:00 | 000,028,160 | -HS- | M] () -- C:\Program Files (x86)\eRightSoft\SUPER\spk\SmabT.spk

MOD - [2005/02/22 17:55:02 | 000,081,920 | -HS- | M] () -- C:\Windows\SysWOW64\aac_parser.ax

========== Services (SafeList) ==========

SRV:64bit: - [2014/09/18 19:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/09/16 20:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)

SRV:64bit: - [2014/09/16 20:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:64bit: - [2014/08/22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014/08/22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2014/10/20 23:51:28 | 002,973,600 | ---- | M] (MicroStudio) [Auto | Running] -- C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe -- (WindowsVNT_R3)

SRV - [2014/09/25 10:09:26 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/09/16 20:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)

SRV - [2014/09/13 14:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2014/09/09 22:35:04 | 005,278,064 | ---- | M] (Binary Fortress Software) [Auto | Running] -- C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)

SRV - [2014/09/05 23:22:44 | 002,284,128 | ---- | M] (MicroTools) [Auto | Running] -- C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe -- (YouTubeDownload)

SRV - [2014/07/18 12:13:20 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)

SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2014/03/11 22:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)

SRV - [2014/03/11 22:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)

SRV - [2014/02/25 15:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2014/01/19 12:50:33 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)

SRV - [2013/12/30 15:07:06 | 000,307,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100v2)

SRV - [2013/09/11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/04/07 10:31:26 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010/08/10 21:37:08 | 000,334,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe -- (UsbService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/09/16 22:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2014/09/16 20:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)

DRV:64bit: - [2014/09/04 13:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:64bit: - [2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2014/07/17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2014/07/01 15:26:21 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2014/04/13 13:06:19 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)

DRV:64bit: - [2013/10/01 20:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/07/25 15:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)

DRV:64bit: - [2013/01/18 23:52:08 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)

DRV:64bit: - [2012/11/07 18:00:32 | 000,102,400 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XHCIdrv.sys -- (XHCIdrv)

DRV:64bit: - [2012/10/02 16:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)

DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2012/05/21 01:25:30 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:64bit: - [2012/05/21 01:25:30 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:64bit: - [2012/05/21 01:25:30 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/15 23:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/12/26 15:27:24 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)

DRV:64bit: - [2011/12/12 16:42:00 | 001,256,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)

DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/02/03 10:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)

DRV:64bit: - [2009/11/23 19:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)

DRV:64bit: - [2009/11/23 19:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)

DRV:64bit: - [2009/10/22 20:45:40 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)

DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

DRV:64bit: - [2007/12/17 10:25:14 | 000,047,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vuhub.sys -- (vuhub)

DRV - [2011/01/06 11:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7758v270\NTIOLib_X64.sys -- (NTIOLib_1_0_6)

DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 27 BB F1 6F 39 CE 01 [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {E6957116-DFE1-4A9E-9922-66747C34C5F0}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR

IE - HKCU\..\SearchScopes\{E6957116-DFE1-4A9E-9922-66747C34C5F0}: "URL" = https://search.yahoo...p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

========== Chrome ==========

CHR - default_search_provider: (Enabled)

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.9.23.1_0\ietab_nm_

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\7.9.23.1_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.2.6_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

CHR - Extension: No name found = C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0\

O1 HOSTS File: ([2014/07/20 12:57:40 | 000,001,114 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 secure.tune-up.com

O1 - Hosts: 127.0.0.1 www.order.tune-up.com

O1 - Hosts: 127.0.0.1 www.tune-up.com

O1 - Hosts: 127.0.0.1 www.tune-up.com/order

O1 - Hosts: 127.0.0.1 www.registertuneup.com

O1 - Hosts: 127.0.0.1 www.tuneup.de

O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)

O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)

O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Mikey\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)

O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)

O4 - HKCU..\Run: [MIKEY-PC] C:\Users\Mikey\AppData\Roaming\amde.exe ()

O4 - HKCU..\Run: [Polar FlowSync] File not found

O4 - HKCU..\Run: [uTorrent] C:\Users\Mikey\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

O4 - Startup: C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mikey.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found

O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found

O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found

O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found

O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()

O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found

O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found

O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found

O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found

O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BF4E769-46BD-4571-BB93-E872E083219D}: DhcpNameServer = 75.75.76.76 75.75.75.75

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A7F8854-1B54-4F75-AA15-9231B94DF7DD}: DhcpNameServer = 172.20.10.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC432855-1375-47CE-9F60-1E1BAA5928DB}: DhcpNameServer = 172.20.10.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2014/03/02 15:15:49 | 000,000,000 | ---D | M] - D:\Automatically Add to iTunes -- [ NTFS ]

O32 - AutoRun File - [2007/06/11 20:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{776c501c-0161-11e4-9536-d43d7e49cda2}\Shell - "" = AutoRun

O33 - MountPoints2\{776c501c-0161-11e4-9536-d43d7e49cda2}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2007/03/22 17:57:09 | 000,051,336 | R--- | M] ()

O33 - MountPoints2\{776c501c-0161-11e4-9536-d43d7e49cda2}\Shell\dinstall\command - "" = F:\DirectX\DXSETUP.exe -- [2007/05/31 21:23:56 | 000,503,144 | R--- | M] (Microsoft Corporation)

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/10/25 12:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Miro Video Converter

[2014/10/25 12:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Participatory Culture Foundation

[2014/10/25 12:38:24 | 000,000,000 | ---D | C] -- C:\Users\Mikey\AppData\Roaming\VOPackage

[2014/10/25 12:38:24 | 000,000,000 | ---D | C] -- C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

[2014/10/25 12:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows VXM

[2014/10/25 12:38:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Network Accelerater

[2014/10/25 12:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Optimizer

[2014/10/25 12:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Services

[2014/10/25 12:37:26 | 000,764,416 | -HS- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll

[2014/10/25 12:37:25 | 000,415,744 | -HS- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll

[2014/10/25 12:37:24 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll

[2014/10/25 12:37:23 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll

[2014/10/25 12:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Optimizer Pro

[2014/10/25 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Mikey\Documents\eRightSoft

[2014/10/25 12:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ver0BlockAndSurf

[2014/10/25 12:34:14 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll

[2014/10/25 12:34:13 | 000,550,032 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avformat-lav-55.dll

[2014/10/25 12:34:13 | 000,181,392 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avutil-lav-52.dll

[2014/10/25 12:34:13 | 000,118,416 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\swscale-lav-2.dll

[2014/10/25 12:34:13 | 000,098,960 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avfilter-lav-4.dll

[2014/10/25 12:34:13 | 000,059,536 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avresample-lav-1.dll

[2014/10/25 12:34:12 | 003,109,520 | -HS- | C] (FFmpeg Project) -- C:\Windows\SysWow64\avcodec-lav-55.dll

[2014/10/25 12:34:12 | 000,313,520 | -HS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLvideo.dll

[2014/10/25 12:34:12 | 000,203,408 | -HS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLsplit.dll

[2014/10/25 12:34:12 | 000,122,512 | -HS- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\HLaudio.dll

[2014/10/25 12:34:11 | 000,017,408 | -HS- | C] (RadLight) -- C:\Windows\SysWow64\RLOFRDec.ax

[2014/10/25 12:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft

[2014/10/22 21:59:00 | 000,000,000 | -HSD | C] -- C:\Users\Mikey\AppData\Roaming\MIKEY-PC

[2014/10/21 19:16:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2014/10/21 19:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2014/10/21 19:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2014/10/21 19:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

[2014/10/18 16:44:05 | 000,000,000 | ---D | C] -- C:\Users\Mikey\AppData\Local\fontconfig

[2014/10/18 16:42:41 | 000,000,000 | ---D | C] -- C:\Users\Mikey\Documents\convertedVideos

[2014/10/18 16:42:40 | 000,000,000 | ---D | C] -- C:\Users\Mikey\AppData\Local\SkinSoft

[2014/10/18 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\Mikey\AppData\Roaming\Convert Audio Free

[2014/10/16 03:03:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET

[2014/09/28 14:51:28 | 000,000,000 | ---D | C] -- D:\Desktop\Guild Wars 2

[2014/09/28 10:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS

[2014/09/28 10:41:58 | 000,000,000 | ---D | C] -- C:\Users\Mikey\Documents\Vindictus

[2014/09/28 07:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2014/09/27 16:55:26 | 000,000,000 | ---D | C] -- D:\Desktop\hike

========== Files - Modified Within 30 Days ==========

[2014/10/25 12:41:50 | 000,002,385 | ---- | M] () -- C:\Users\Public\Desktop\Miro Video Converter.lnk

[2014/10/25 12:28:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/10/25 12:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/10/25 11:28:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/10/24 20:16:22 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014/10/24 20:16:22 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014/10/24 20:16:22 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014/10/24 20:11:23 | 000,000,222 | ---- | M] () -- D:\Desktop\DayZ.url

[2014/10/24 16:36:18 | 000,027,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/10/24 16:36:18 | 000,027,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/10/24 16:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/10/22 22:03:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014/10/22 18:08:08 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/10/22 16:38:03 | 002,664,227 | --S- | M] () -- C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mikey.exe

[2014/10/22 16:38:03 | 002,664,227 | -HS- | M] () -- C:\Users\Mikey\AppData\Roaming\amde.exe

[2014/10/21 19:16:06 | 000,001,578 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2014/10/18 16:42:41 | 000,000,096 | ---- | M] () -- C:\Users\Mikey\AppData\Roaming\settings.xml

[2014/10/16 03:22:33 | 000,295,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014/10/04 11:21:29 | 000,000,921 | ---- | M] () -- D:\Desktop\Gw2.exe - Shortcut.lnk

[2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys

[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2014/09/28 07:51:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2014/09/28 07:43:05 | 000,001,026 | ---- | M] () -- D:\Desktop\TreeSize Free.lnk

========== Files Created - No Company Name ==========

[2014/10/25 12:37:25 | 000,032,256 | -HS- | C] () -- C:\Windows\SysWow64\AVSredirect.dll

[2014/10/25 12:34:13 | 000,109,712 | -HS- | C] () -- C:\Windows\SysWow64\libbluray.dll

[2014/10/25 12:34:12 | 000,188,416 | -HS- | C] () -- C:\Windows\SysWow64\winDCE32.dll

[2014/10/25 12:34:12 | 000,121,344 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax

[2014/10/25 12:34:12 | 000,107,520 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll

[2014/10/25 12:34:11 | 000,352,768 | -HS- | C] () -- C:\Windows\SysWow64\ac3DX.ax

[2014/10/25 12:34:11 | 000,112,128 | -HS- | C] () -- C:\Windows\SysWow64\OptimFROG.dll

[2014/10/25 12:34:11 | 000,081,920 | -HS- | C] () -- C:\Windows\SysWow64\aac_parser.ax

[2014/10/24 20:11:23 | 000,000,222 | ---- | C] () -- D:\Desktop\DayZ.url

[2014/10/22 21:58:52 | 002,664,227 | --S- | C] () -- C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mikey.exe

[2014/10/22 21:58:48 | 002,664,227 | -HS- | C] () -- C:\Users\Mikey\AppData\Roaming\amde.exe

[2014/10/22 18:08:08 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/10/18 16:42:41 | 000,000,096 | ---- | C] () -- C:\Users\Mikey\AppData\Roaming\settings.xml

[2014/10/04 11:21:29 | 000,000,921 | ---- | C] () -- D:\Desktop\Gw2.exe - Shortcut.lnk

[2014/09/28 07:51:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2014/09/28 07:43:05 | 000,001,026 | ---- | C] () -- D:\Desktop\TreeSize Free.lnk

[2014/08/23 23:46:46 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

[2014/06/30 10:46:28 | 000,000,037 | -HS- | C] () -- C:\Users\Mikey\AppData\Local\70149b02515b3bb20dd492.47983420

[2014/06/29 12:27:31 | 000,000,038 | -HS- | C] () -- C:\Users\Mikey\AppData\Local\134e6589520e51682091c0.32666518

[2014/05/29 12:56:36 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

[2014/03/30 10:41:03 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat

[2013/04/07 11:47:18 | 000,000,045 | ---- | C] () -- C:\Users\Mikey\jagex_cl_runescape_LIVE1.dat

[2013/04/07 11:44:51 | 000,000,046 | ---- | C] () -- C:\Users\Mikey\jagex_cl_loginapplet_LIVE.dat

[2013/04/07 11:40:32 | 000,000,044 | ---- | C] () -- C:\Users\Mikey\jagex_cl_runescape_LIVE.dat

[2013/04/07 11:40:32 | 000,000,024 | ---- | C] () -- C:\Users\Mikey\random.dat

[2013/02/24 18:50:58 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013/02/24 18:50:57 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2013/02/03 12:02:16 | 000,122,900 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2013/01/26 13:05:40 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2012/12/15 01:28:05 | 000,018,038 | ---- | C] () -- C:\Users\Mikey\whisper_notify.wav

[2012/12/12 20:49:54 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/12/12 20:15:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll

[2012/12/12 20:15:50 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl

[2012/12/12 20:15:49 | 000,002,641 | ---- | C] () -- C:\Windows\cmudax3.ini

[2012/12/12 20:15:49 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg

[2012/12/12 20:15:49 | 000,000,124 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 20:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 19:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 07:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 07:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 07:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/29 10:58:18 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\.minecraft

[2014/03/02 11:33:34 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\8BitMMO

[2014/09/23 21:07:42 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Arrowhead

[2013/12/25 13:55:20 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Battle.net

[2014/09/23 21:36:11 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Bitdreamers

[2014/10/18 16:42:07 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Convert Audio Free

[2014/09/28 07:54:33 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\DAEMON Tools Lite

[2013/04/06 15:09:51 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\DAoC Portal

[2013/04/27 08:57:11 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Darkfall

[2014/09/23 07:24:32 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\DisplayFusion

[2013/04/06 15:00:24 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Electronic Arts

[2013/05/01 19:40:48 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\EVEMon

[2014/09/28 07:54:33 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\FileZilla

[2013/04/27 08:07:03 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Foxit Software

[2014/09/28 14:53:00 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Guild Wars 2

[2013/02/24 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\JAM Software

[2013/01/01 15:41:49 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Leadertech

[2014/10/22 21:59:02 | 000,000,000 | -HSD | M] -- C:\Users\Mikey\AppData\Roaming\MIKEY-PC

[2014/03/29 10:09:15 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Mumble

[2014/07/20 13:02:44 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\MusicBrainz

[2012/12/23 10:19:52 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\OpenOffice.org

[2014/03/01 14:07:48 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Origin

[2013/06/07 22:52:32 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\RIFT

[2014/03/02 17:34:25 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\steamvr

[2012/12/12 19:55:35 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\SystemRequirementsLab

[2014/04/13 13:06:59 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\Titanium

[2014/07/20 12:59:16 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\TuneUpMedia

[2014/10/25 12:22:49 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\uTorrent

[2014/10/25 12:38:24 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\VOPackage

[2013/05/27 14:05:55 | 000,000,000 | ---D | M] -- C:\Users\Mikey\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2013/03/02 01:42:31 | 000,000,000 | ---D | M](C:\Users\Mikey\Documents\?? ???) -- C:\Users\Mikey\Documents\넥슨 플러그

[2013/03/02 01:42:31 | 000,000,000 | ---D | C](C:\Users\Mikey\Documents\?? ???) -- C:\Users\Mikey\Documents\넥슨 플러그

< End of report >