Another virus that my AV isn't removing [Closed]

Virus win32 zperm win32 zperm


#1
Izzy1665


Had to use the wonderful services provided here by the experts once before and they did a top notch job but sadly I think my son has somehow gotten a new virus on this system again. Much thanks up front to the tech who assists me with this.

 

OTL logfile created on: 11/1/2014 1:36:55 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Living Room\Downloads\Antivirus stuff
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 45.91% Memory free
6.49 Gb Paging File | 4.48 Gb Available in Paging File | 68.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 508.38 Gb Total Space | 90.62 Gb Free Space | 17.83% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 205.61 Gb Total Space | 165.16 Gb Free Space | 80.33% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 36.72 Mb Free Space | 36.72% Space Free | Partition Type: NTFS
Drive Z: | 217.42 Gb Total Space | 85.51 Gb Free Space | 39.33% Space Free | Partition Type: NTFS
 
Computer Name: LIVINGROOM-PC | User Name: Living Room | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/01 13:18:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Living Room\Downloads\Antivirus stuff\OTL(1).exe
PRC - [2014/10/30 15:29:49 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/10/29 12:18:30 | 004,826,904 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2014/10/21 09:46:47 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/19 17:47:31 | 004,816,568 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2014/10/15 14:06:24 | 007,670,592 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
PRC - [2014/10/15 13:56:50 | 000,656,376 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
PRC - [2014/10/08 12:05:44 | 000,457,216 | ---- | M] (Skillbrains) -- C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe
PRC - [2014/09/16 22:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/09/16 22:14:56 | 000,915,784 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
PRC - [2014/09/16 22:14:55 | 018,044,744 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/05 16:34:22 | 003,364,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe
PRC - [2014/09/05 16:29:52 | 003,593,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgui.exe
PRC - [2014/09/05 16:26:36 | 000,659,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgemcx.exe
PRC - [2014/09/05 16:24:58 | 000,848,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgnsx.exe
PRC - [2014/09/05 16:24:46 | 000,842,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2015\avgrsx.exe
PRC - [2014/09/05 16:23:18 | 000,293,448 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe
PRC - [2014/09/05 16:22:58 | 000,693,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe
PRC - [2014/07/25 04:42:20 | 001,562,264 | ---- | M] (Samsung) -- C:\Program Files\SAMSUNG\Kies\Kies.exe
PRC - [2014/07/02 15:42:26 | 000,940,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014/07/02 15:42:25 | 001,818,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014/07/02 13:39:15 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2014/03/19 22:48:52 | 000,118,360 | ---- | M] () -- c:\Program Files\Real\RealPlayer\RPDS\Tools\ffmpeg\ffprobe.exe
PRC - [2014/03/19 22:48:51 | 001,141,336 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/03/19 22:48:51 | 000,814,176 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
PRC - [2014/03/19 22:48:37 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2014/02/12 16:29:36 | 000,023,552 | ---- | M] () -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/02/12 14:42:30 | 000,367,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2014/02/12 14:42:10 | 000,039,568 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/12/09 23:41:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/09/27 14:46:26 | 000,559,696 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/05/13 13:20:52 | 000,384,840 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/03/06 19:29:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/30 20:10:48 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2012/10/23 18:58:52 | 000,120,728 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/01 12:07:49 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\eacbcf2834feb7da3b4bda51898a3c4e\System.ServiceProcess.ni.dll
MOD - [2014/11/01 12:07:15 | 007,014,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9434e054c3fa05670bcf1072d3bf6041\System.Core.ni.dll
MOD - [2014/11/01 12:07:08 | 001,903,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a0940ae1341110dba777edbd0492905a\System.Xaml.ni.dll
MOD - [2014/11/01 12:07:07 | 007,721,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fd3b696a1e6977d7ea9a66e685c632f9\System.Xml.ni.dll
MOD - [2014/11/01 12:07:03 | 000,976,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\922aa0fd32a61083434cb8db6282d032\System.Configuration.ni.dll
MOD - [2014/11/01 12:07:01 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\2ca11cc79c78d7812d26a107190c6353\System.Runtime.Remoting.ni.dll
MOD - [2014/11/01 12:06:39 | 018,895,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\0ac22c209dace3988822c3ae15ba6f86\PresentationFramework.ni.dll
MOD - [2014/11/01 12:06:21 | 011,037,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\11048bd3007bf0bd35fac6459d9f296e\PresentationCore.ni.dll
MOD - [2014/11/01 12:06:09 | 003,957,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f5a26a82eef946dc4e73d5c78507564d\WindowsBase.ni.dll
MOD - [2014/11/01 12:06:05 | 010,098,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f117ed1e1f999d390d4e6862a419da98\System.ni.dll
MOD - [2014/11/01 12:05:58 | 015,434,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\52ff15867be096f88222a6c6a7e9e8b3\mscorlib.ni.dll
MOD - [2014/10/30 15:29:47 | 003,649,648 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/10/15 14:06:40 | 000,087,896 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:40 | 000,022,360 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:38 | 000,405,848 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:38 | 000,107,872 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:36 | 000,048,480 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:36 | 000,030,040 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
MOD - [2014/10/15 14:06:30 | 002,423,600 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
MOD - [2014/10/15 14:06:28 | 001,626,432 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
MOD - [2014/10/15 14:06:28 | 000,641,344 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
MOD - [2014/10/15 14:06:26 | 000,056,632 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
MOD - [2014/10/15 14:06:24 | 007,670,592 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
MOD - [2014/10/15 14:06:24 | 000,870,224 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
MOD - [2014/03/19 22:48:51 | 000,571,992 | ---- | M] () -- c:\Program Files\Real\RealPlayer\RPDS\Lib\r1api.dll
MOD - [2013/12/21 09:24:28 | 001,559,064 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\TBAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/11/01 11:18:14 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/10/30 15:29:48 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/22 05:25:38 | 000,997,664 | ---- | M] (Overwolf LTD) [On_Demand | Stopped] -- C:\Program Files\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdater)
SRV - [2014/10/19 17:47:31 | 004,816,568 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2014/10/17 22:41:39 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/15 13:56:50 | 000,656,376 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV - [2014/09/16 22:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/16 22:14:56 | 000,915,784 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2014/09/16 22:14:55 | 018,044,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/05 16:34:22 | 003,364,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/09/05 16:23:18 | 000,293,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2014/07/02 13:39:15 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/06/03 13:44:20 | 000,173,792 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2014/03/19 22:48:51 | 001,141,336 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/02/12 16:29:36 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/02/12 14:42:10 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/12/02 11:58:48 | 002,151,232 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/13 13:20:52 | 000,384,840 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/05/13 13:20:32 | 000,393,032 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012/10/30 20:10:48 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2012/10/23 18:58:52 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2011/03/08 00:19:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\LIVING~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014/10/29 20:08:24 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/10/18 00:33:45 | 000,058,200 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2014/10/18 00:33:44 | 000,018,552 | ---- | M] (Emsisoft GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2014/10/18 00:33:40 | 000,038,248 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2014/10/18 00:33:38 | 000,050,200 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys -- (cleanhlp)
DRV - [2014/10/18 00:33:38 | 000,022,056 | ---- | M] (Emsisoft GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2014/09/16 22:14:55 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014/09/04 15:14:38 | 000,032,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2014/08/20 21:49:40 | 000,193,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014/08/06 21:38:34 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014/07/24 14:09:20 | 000,204,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014/07/18 15:55:24 | 000,230,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/07/10 14:09:34 | 000,360,376 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos)
DRV - [2014/07/02 16:54:57 | 010,681,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014/07/02 10:01:44 | 000,199,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/06/18 21:16:30 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/06/18 21:03:36 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014/06/18 21:03:34 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014/06/18 21:03:34 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014/06/16 02:01:38 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014/06/16 02:01:38 | 000,089,856 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/11/10 16:31:34 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/10/01 20:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/05/13 13:20:38 | 000,063,816 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/07/26 07:31:44 | 000,281,344 | ---- | M] (D-vitec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvitdcnt.sys -- (D-Vitec)
DRV - [2011/01/13 03:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010/11/20 08:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/20 08:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/11 01:09:00 | 001,564,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2010/06/02 00:33:42 | 000,049,904 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2007/04/09 10:50:34 | 000,009,600 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2006/11/02 08:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2003/02/11 14:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pelusblf.sys -- (pelusblf)
DRV - [2003/01/10 14:55:32 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A 32 E1 B7 2A 7F CD 01  [binary data]
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\SearchScopes,DefaultScope = {E9BBD11B-78CC-4566-A14B-155FB7D9F531}
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={3676D089-D678-4B66-9CA8-EB83DE303D18}&mid=d162516e7ece47d6853fd16b2e84a5ca-9a17500a96d428a5cdb8b2643968b9a928fc107f&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-21 08:24:58&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\SearchScopes\{E9BBD11B-78CC-4566-A14B-155FB7D9F531}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\SearchScopes\DFEF316A7DF840789BE026CF4E2A55C1: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*;<local>
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011/08/18 11:14:03 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Living Room\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Users\Living Room\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy64.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Living Room\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/12/24 15:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/12/24 15:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/12/24 15:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38 [2013/12/24 15:11:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/03/19 22:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/10/30 15:29:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/10/30 15:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.8\extensions\\Components: C:\Program Files\SeaMonkey\components [2012/12/15 07:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.8\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2014/10/15 15:52:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/10/30 15:29:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/10/30 15:29:34 | 000,000,000 | ---D | M]
 
[2011/04/14 20:31:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Extensions
[2013/12/22 10:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\4qub62kd.default\extensions
[2014/07/15 22:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\6hqykdlp.default-1398349730678\extensions
[2014/07/15 22:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\6hqykdlp.default-1398349730678\extensions\[email protected]
[2014/08/11 22:03:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\pb75uh1z.default-1405477682861\extensions
[2014/08/11 22:03:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\pb75uh1z.default-1405477682861\extensions\[email protected]
[2014/10/18 01:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\extensions
[2014/11/01 11:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2014/11/01 11:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\extensions
[2014/01/04 10:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gcdr6068.default\extensions
[2014/01/04 10:35:33 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Living Room\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gcdr6068.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013/06/19 13:02:03 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Living Room\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gcdr6068.default\extensions\[email protected]
[2014/10/21 10:50:54 | 000,079,460 | ---- | M] () (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\extensions\[email protected]
[2014/10/29 20:11:26 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/10/30 15:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/10/30 15:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/10/30 15:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/10/30 15:29:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/01/06 13:12:25 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2014/03/19 22:49:05 | 000,148,040 | ---- | M] (RealPlayer Cloud) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\17.0.6_1\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/11/01 10:42:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001..\Run: [LightShot] C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..Trusted Domains: custhelp.com ([247pearsoned] http in Trusted sites)
O15 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..Trusted Domains: myitlab.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..Trusted Domains: pearsoncmg.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..Trusted Domains: pearsoned.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-21828565-3005677120-1819634571-1001\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4452C8C3-009C-4145-B7DA-90690DDE7A84}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/01 12:41:38 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[2014/11/01 11:59:43 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/10/30 15:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/10/23 22:56:15 | 000,000,000 | ---D | C] -- C:\Users\Living Room\Desktop\Camera 10232014
[2014/10/20 11:23:40 | 000,052,440 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\flrhhpx.sys
[2014/10/18 21:16:38 | 000,000,000 | ---D | C] -- C:\Users\Living Room\AppData\Roaming\Lavasoft
[2014/10/18 21:13:44 | 000,000,000 | ---D | C] -- C:\Users\Living Room\AppData\Local\adawarebp
[2014/10/18 01:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2014/10/18 01:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2014/10/18 01:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/10/18 01:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/10/18 01:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/10/17 23:38:39 | 000,000,000 | ---D | C] -- C:\Users\Living Room\AppData\Roaming\AVG2015
[2014/10/17 23:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[2014/10/17 22:44:27 | 000,000,000 | ---D | C] -- C:\Users\Living Room\AppData\Local\Avg2015
[2014/10/16 16:43:06 | 000,000,000 | ---D | C] -- C:\Users\Living Room\Documents\Optimizer Pro
[2014/10/16 00:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/10/12 15:27:24 | 000,000,000 | ---D | C] -- C:\Users\Living Room\AppData\Local\Adobe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[175 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/01 13:27:56 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/01 13:27:56 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/01 13:13:58 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/01 13:07:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/01 13:07:38 | 2615,812,096 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/01 12:54:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/01 12:53:35 | 000,000,632 | RHS- | M] () -- C:\Users\Living Room\ntuser.pol
[2014/11/01 12:52:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/01 12:45:51 | 000,317,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/01 12:05:32 | 000,664,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/01 12:05:32 | 000,122,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/01 11:18:17 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/11/01 11:09:09 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job
[2014/11/01 10:57:00 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/10/31 11:51:17 | 132,418,310 | ---- | M] () -- C:\Users\Living Room\Documents\clip0072.avi
[2014/10/31 11:51:17 | 132,418,310 | ---- | M] () -- C:\Users\Living Room\Desktop\clip0072.avi
[2014/10/31 11:48:17 | 000,049,700 | ---- | M] () -- C:\Users\Living Room\Desktop\medlrg1.jpg
[2014/10/31 11:47:44 | 000,321,424 | ---- | M] () -- C:\Users\Living Room\Desktop\medlrg.jpg
[2014/10/29 20:08:24 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/10/27 20:36:38 | 000,322,461 | ---- | M] () -- C:\Users\Living Room\Desktop\1.jpg
[2014/10/27 18:12:59 | 000,000,115 | ---- | M] () -- C:\Users\Living Room\Desktop\Munzee game map.url
[2014/10/23 22:47:40 | 007,763,874 | ---- | M] () -- C:\Users\Living Room\Desktop\VID_20141023_224651.3gp
[2014/10/23 22:45:56 | 028,059,953 | ---- | M] () -- C:\Users\Living Room\Desktop\VID_20141023_224248.3gp
[2014/10/23 08:47:51 | 000,029,900 | ---- | M] () -- C:\Users\Living Room\Desktop\IMG_13714951272100.jpeg
[2014/10/20 11:23:40 | 000,052,440 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\flrhhpx.sys
[2014/10/18 22:19:42 | 000,035,256 | ---- | M] () -- C:\Users\Living Room\Desktop\post needs more cowbell3.jpg
[2014/10/18 22:18:56 | 000,026,908 | ---- | M] () -- C:\Users\Living Room\Desktop\morecowbell.jpg
[2014/10/12 20:09:32 | 000,098,300 | ---- | M] () -- C:\Users\Living Room\Desktop\pennywise-435.jpg
[2014/10/12 15:21:18 | 000,037,138 | ---- | M] () -- C:\Users\Living Room\Desktop\a brick.jpg
[2014/10/10 01:53:27 | 000,007,074 | ---- | M] () -- C:\Users\Living Room\Desktop\sector420transarent.gif
[2014/10/08 11:24:21 | 000,001,148 | ---- | M] () -- C:\Users\Living Room\AppData\Local\UserProducts.xml
[2014/10/04 21:58:13 | 000,040,309 | ---- | M] () -- C:\Windows\System32\%living
[2014/10/04 21:57:50 | 000,031,769 | ---- | M] () -- C:\Windows\System32\%li
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[175 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/01 11:18:17 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/10/31 12:04:51 | 132,418,310 | ---- | C] () -- C:\Users\Living Room\Desktop\clip0072.avi
[2014/10/31 11:50:52 | 132,418,310 | ---- | C] () -- C:\Users\Living Room\Documents\clip0072.avi
[2014/10/31 11:48:17 | 000,049,700 | ---- | C] () -- C:\Users\Living Room\Desktop\medlrg1.jpg
[2014/10/31 11:47:44 | 000,321,424 | ---- | C] () -- C:\Users\Living Room\Desktop\medlrg.jpg
[2014/10/27 20:36:38 | 000,322,461 | ---- | C] () -- C:\Users\Living Room\Desktop\1.jpg
[2014/10/27 18:12:51 | 000,000,115 | ---- | C] () -- C:\Users\Living Room\Desktop\Munzee game map.url
[2014/10/23 22:56:33 | 000,029,900 | ---- | C] () -- C:\Users\Living Room\Desktop\IMG_13714951272100.jpeg
[2014/10/23 22:47:41 | 007,763,874 | ---- | C] () -- C:\Users\Living Room\Desktop\VID_20141023_224651.3gp
[2014/10/23 22:45:57 | 028,059,953 | ---- | C] () -- C:\Users\Living Room\Desktop\VID_20141023_224248.3gp
[2014/10/18 22:19:42 | 000,035,256 | ---- | C] () -- C:\Users\Living Room\Desktop\post needs more cowbell3.jpg
[2014/10/18 22:18:45 | 000,026,908 | ---- | C] () -- C:\Users\Living Room\Desktop\morecowbell.jpg
[2014/10/12 15:21:15 | 000,037,138 | ---- | C] () -- C:\Users\Living Room\Desktop\a brick.jpg
[2014/10/10 01:48:47 | 000,007,074 | ---- | C] () -- C:\Users\Living Room\Desktop\sector420transarent.gif
[2014/10/10 00:12:14 | 000,098,300 | ---- | C] () -- C:\Users\Living Room\Desktop\pennywise-435.jpg
[2014/10/04 21:57:37 | 000,031,769 | ---- | C] () -- C:\Windows\System32\%li
[2014/10/04 21:57:05 | 000,040,309 | ---- | C] () -- C:\Windows\System32\%living
[2014/09/09 15:31:42 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2014/09/09 15:31:41 | 000,753,873 | ---- | C] () -- C:\Windows\unins000.exe
[2014/09/09 15:31:41 | 000,067,853 | ---- | C] () -- C:\Windows\unins000.dat
[2014/07/17 09:33:52 | 003,826,628 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014/02/13 21:59:13 | 000,024,576 | ---- | C] () -- C:\Windows\System32\FSRremoC.DLL
[2014/02/13 21:59:13 | 000,020,480 | ---- | C] () -- C:\Windows\System32\FSRremoS.EXE
[2014/02/13 21:01:21 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2014/02/11 20:45:33 | 000,317,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/12 15:49:37 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/08/06 09:27:51 | 000,001,800 | ---- | C] () -- C:\Users\Living Room\.TransferManager.db
[2013/07/03 13:08:51 | 000,000,091 | RHS- | C] () -- C:\Windows\System32\CADlink.ini
[2013/07/03 13:07:20 | 000,207,872 | ---- | C] () -- C:\Windows\System32\patchw32.dll
[2013/07/03 13:07:20 | 000,052,474 | ---- | C] () -- C:\Windows\System32\CDLDIB.DRV
[2013/07/03 13:07:16 | 000,084,448 | ---- | C] () -- C:\Windows\System32\PCDLIB.DLL
[2013/06/06 10:04:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/06 10:04:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/06 10:04:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/06 10:04:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/06 10:04:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/25 15:22:42 | 000,173,048 | ---- | C] () -- C:\Windows\hpoins46.dat
[2013/04/25 15:22:42 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2013/04/18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/04/18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/04/18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/04/18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/04/18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/03/16 01:15:17 | 000,000,632 | RHS- | C] () -- C:\Users\Living Room\ntuser.pol
[2013/01/25 13:24:06 | 000,000,853 | ---- | C] () -- C:\Users\Living Room\AppData\Local\recently-used.xbel
[2013/01/25 13:05:54 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2012/10/16 19:19:11 | 000,000,052 | ---- | C] () -- C:\Users\Living Room\jagex_cl_loginapplet_LIVE.dat
[2012/10/16 19:19:11 | 000,000,024 | ---- | C] () -- C:\Users\Living Room\random.dat
[2012/05/22 00:57:44 | 000,001,056 | ---- | C] () -- C:\Users\Living Room\wxDownloadFast.ini
[2012/03/23 09:27:29 | 000,001,148 | ---- | C] () -- C:\Users\Living Room\AppData\Local\UserProducts.xml
[2012/02/05 15:35:02 | 000,000,051 | ---- | C] () -- C:\Users\Living Room\jagex_cl_runescape_LIVE1.dat
[2012/02/05 15:00:34 | 000,000,032 | ---- | C] () -- C:\Users\Living Room\jagex_cl_runescape_LIVE.dat
[2012/01/24 10:19:27 | 000,070,477 | ---- | C] () -- C:\Users\Living Room\FCAT Test Schedule 2012.pdf
[2011/12/03 00:46:54 | 000,010,240 | ---- | C] () -- C:\Users\Living Room\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/04 11:00:17 | 000,356,694 | ---- | C] () -- C:\Users\Living Room\FCAT Practice_GR4_TheRedFox.pdf
[2011/10/28 10:53:35 | 000,242,564 | ---- | C] () -- C:\Users\Living Room\Q2 Intensive Reading Checklist.pdf
[2011/10/28 10:53:15 | 000,287,596 | ---- | C] () -- C:\Users\Living Room\Good Readers_Ten Pegs.pdf
[2011/08/10 22:19:43 | 000,000,053 | ---- | C] () -- C:\ProgramData\lxdd
[2011/05/14 13:59:14 | 000,007,607 | ---- | C] () -- C:\Users\Living Room\AppData\Local\resmon.resmoncfg
[2011/05/06 11:08:31 | 000,020,485 | ---- | C] () -- C:\Users\Living Room\word-wizard.pdf
[2011/05/06 11:08:22 | 000,019,723 | ---- | C] () -- C:\Users\Living Room\story-connector.pdf
[2011/03/18 22:02:32 | 000,000,522 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011/04/18 11:36:34 | 000,000,000 | ---D | M] -- C:\Users\Ad\AppData\Roaming\Elluminate
[2011/05/05 12:31:52 | 000,000,000 | ---D | M] -- C:\Users\Ad\AppData\Roaming\KidZui
[2012/07/05 07:10:36 | 000,000,000 | ---D | M] -- C:\Users\Ad\AppData\Roaming\Motorola
[2013/03/28 16:30:54 | 000,000,000 | ---D | M] -- C:\Users\Ad\AppData\Roaming\Motorola Mobility
[2013/07/04 03:18:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.minecraft
[2014/10/18 01:26:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVG2015
[2013/09/18 15:25:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Canon
[2013/09/18 15:25:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FileOpen
[2013/06/06 09:06:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Motorola Mobility
[2013/09/18 15:25:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nitro
[2014/03/07 23:23:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2014/10/18 01:36:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SecureSearch
[2013/01/11 10:18:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2013/06/06 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TweakNow PowerPack 2012
[2014/03/07 11:03:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Unity
[2013/01/11 10:18:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/01/11 10:18:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014/11/01 00:13:53 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\.minecraft
[2014/08/16 20:58:33 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\16008
[2012/05/06 21:44:09 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Aimersoft Video Converter Ultimate
[2014/10/16 00:24:05 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Audacity
[2011/12/14 17:21:47 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Aura DVD Copy
[2014/04/24 11:20:12 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\AVG
[2014/08/22 17:39:46 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\AVG2014
[2014/10/17 23:38:39 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\AVG2015
[2011/10/22 11:02:00 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Azureus
[2012/08/20 12:39:50 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Blackboard
[2014/08/15 12:27:22 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Canon
[2013/01/06 13:12:20 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Catalina Marketing Corp
[2013/12/23 15:05:46 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\CrystalIdea Software
[2011/08/18 11:17:22 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\DassaultSystemes
[2012/07/25 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\DiskAid
[2014/08/16 20:51:26 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\DVDFab9
[2012/01/11 11:24:40 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Elluminate
[2013/08/03 11:51:48 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\EurekaLog
[2013/01/25 13:07:25 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\FileOpen
[2013/08/10 22:55:25 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Garmin
[2011/10/15 12:11:38 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Graphe Easy
[2013/08/03 11:51:51 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\gsak
[2012/01/28 22:19:33 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\ImgBurn
[2013/12/09 22:41:21 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\IObit
[2012/01/02 22:15:10 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Juniper Networks
[2011/12/08 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Lexmark Productivity Studio
[2013/06/01 16:31:18 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Maxthon3
[2012/07/04 14:14:05 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Motorola
[2012/12/21 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Motorola Mobility
[2011/12/04 00:58:06 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Moyea
[2013/01/25 13:07:25 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Nitro
[2014/09/02 17:55:14 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Nitro PDF
[2013/07/05 17:59:38 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\OpenOffice.org
[2014/05/18 20:19:51 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Oracle
[2013/11/02 18:30:37 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Paltalk
[2014/07/09 11:38:45 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\PrimoPDF
[2013/06/12 11:20:58 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Samsung
[2014/02/13 21:55:51 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Spotify
[2014/06/09 07:50:06 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\TS3Client
[2013/03/04 15:42:53 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\TuneUp Software
[2012/05/06 01:13:48 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\TweakNow PowerPack 2012
[2013/12/21 01:32:14 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Uniblue
[2011/12/05 17:00:28 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\Unity
[2011/04/30 08:03:01 | 000,000,000 | ---D | M] -- C:\Users\Living Room\AppData\Roaming\wargaming.net
[2013/01/11 10:18:01 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:96D0C06F

< End of report >

#2
Izzy1665

  • Topic Starter
  • Member
  • 121 posts

I am also getting Windows audio prompts, like when something is plugged into a USB and then removed, even when nothing actually is being plugged in or being removed. During that time the mouse freezes until the "removed" prompt sounds.


Edited by Izzy1665, 04 November 2014 - 12:13 PM.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, sorry for the delay. I would like a fresh look at the system.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.
THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation; accept that.
When it offers to download the virus database, allow that as well.
Click the "Scan" button to start the scan.



On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#4
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Thank you for the reply Essexboy.

 

 

aswMBR version 1.0.1.2201 Copyright© 2014 AVAST Software
Run date: 2014-11-09 00:35:49
-----------------------------
00:35:49.439    OS Version: Windows 6.1.7601 Service Pack 1
00:35:49.439    Number of processors: 2 586 0x1706
00:35:49.441    ComputerName: LIVINGROOM-PC  UserName: Living Room
00:35:52.043    Initialize success
00:35:52.082    VM: initialized successfully
00:35:52.091    VM: Intel CPU supported
00:35:54.148    VM: supported disk I/O ataport.SYS
00:37:48.087    AVAST engine defs: 14110600
00:38:16.232    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
00:38:16.234    Disk 0 Vendor: Hitachi_HDT721010SLA360 ST6OA31B Size: 953869MB BusType: 3
00:38:16.579    VM: Disk 0 MBR read successfully
00:38:16.582    Disk 0 MBR scan
00:38:16.586    Disk 0 Windows 7 default MBR code
00:38:16.612    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
00:38:16.670    Disk 0 default boot code
00:38:16.704    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       520582 MB offset 206848
00:38:16.732    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       222643 MB offset 1066358784
00:38:16.737    Disk 0 Partition - 00     0F Extended LBA            210542 MB offset 1522331648
00:38:16.794    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       210541 MB offset 1522333696
00:38:16.813    Disk 0 scanning sectors +1953521664
00:38:17.214    Disk 0 scanning C:\Windows\system32\drivers
00:38:47.740    Service scanning
00:39:22.288    Modules scanning
00:40:02.659    Disk 0 trace - called modules:
00:40:02.692    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys
00:40:02.696    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8694c460]
00:40:02.699    3 CLASSPNP.SYS[8c5af59e] -> nt!IofCallDriver -> [0x8649e918]
00:40:02.703    5 ACPI.sys[8c0a03d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x864a1908]
00:40:03.567    AVAST engine scan C:\Windows
00:40:45.163    AVAST engine scan C:\Windows\system32
00:48:35.757    AVAST engine scan C:\Windows\system32\drivers
00:49:03.913    AVAST engine scan C:\Users\Living Room
01:38:29.798    AVAST engine scan C:\ProgramData
01:54:46.730    Disk 0 statistics 4923600/0/283 @ 0.60 MB/s
01:54:46.737    Scan finished successfully
12:33:53.530    Disk 0 MBR has been saved successfully to "C:\Users\Living Room\Desktop\MBR.dat"
12:33:53.534    The log file has been saved successfully to "C:\Users\Living Room\Desktop\aswMBR.txt"


Attached File  FRST.txt   67KB   237 downloads



  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A few bits and bobs to remove. What sort of problems are you experiencing?

I notice that you have both AVG and Ad-Aware antivirus; I would recommend that you remove one of them.

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - No CLSID Value -
FF Extension: No Name - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-10-18]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\Extensions\[email protected] [2014-08-18]
FF Extension: No Name - {8E8D8D12-A43B-4289-994D-DF2C7C0EF736} [Not Found]
2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____D () C:\Users\Living Room\Documents\Optimizer Pro
2014-10-16 15:32 - 2014-10-16 15:33 - 05935080 _____ (PC Utilities Software Limited ) C:\Users\Living Room\Downloads\OptimizerPro.exe
2014-11-08 22:57 - 2012-03-23 08:27 - 00000388 _____ () C:\Windows\Tasks\update-sys.job
C:\Users\Ad\jagex_cl_runescape_LIVE.dat
C:\Users\Living Room\jagex_cl_loginapplet_LIVE.dat
C:\Users\Living Room\jagex_cl_runescape_LIVE.dat
C:\Users\Living Room\jagex_cl_runescape_LIVE1.dat
C:\Users\Living Room\random.dat
C:\Users\Administrator\AppData\Local\temp\9a7bd64a-3795-4189-87a0-f93eb25a1d40.exe
Task: {ADFBA577-04D5-41BA-B52E-79B959499AC8} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {F24AF050-3514-483F-94BA-5953B1D4FFD7} - System32\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: C:\Windows\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#6
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-11-2014 01
Ran by Living Room at 2014-11-09 15:05:16 Run:2
Running from C:\Users\Living Room\Downloads
Loaded Profile: Living Room (Available profiles: Living Room & Ad & Mcx1-LIVINGROOM-PC & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - No CLSID Value -
FF Extension: No Name - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-10-18]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\Extensions\[email protected] [2014-08-18]
FF Extension: No Name - {8E8D8D12-A43B-4289-994D-DF2C7C0EF736} [Not Found]
2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____D () C:\Users\Living Room\Documents\Optimizer Pro
2014-10-16 15:32 - 2014-10-16 15:33 - 05935080 _____ (PC Utilities Software Limited ) C:\Users\Living Room\Downloads\OptimizerPro.exe
2014-11-08 22:57 - 2012-03-23 08:27 - 00000388 _____ () C:\Windows\Tasks\update-sys.job
C:\Users\Ad\jagex_cl_runescape_LIVE.dat
C:\Users\Living Room\jagex_cl_loginapplet_LIVE.dat
C:\Users\Living Room\jagex_cl_runescape_LIVE.dat
C:\Users\Living Room\jagex_cl_runescape_LIVE1.dat
C:\Users\Living Room\random.dat
C:\Users\Administrator\AppData\Local\temp\9a7bd64a-3795-4189-87a0-f93eb25a1d40.exe
Task: {ADFBA577-04D5-41BA-B52E-79B959499AC8} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {F24AF050-3514-483F-94BA-5953B1D4FFD7} - System32\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: C:\Windows\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} => Moved successfully.
C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\Extensions\[email protected] => Moved successfully.
FF Extension: No Name - {8E8D8D12-A43B-4289-994D-DF2C7C0EF736} [Not Found] => not found.
C:\Users\Living Room\Documents\Optimizer Pro => Moved successfully.
C:\Users\Living Room\Downloads\OptimizerPro.exe => Moved successfully.
C:\Windows\Tasks\update-sys.job => Moved successfully.
C:\Users\Ad\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Living Room\jagex_cl_loginapplet_LIVE.dat => Moved successfully.
C:\Users\Living Room\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Living Room\jagex_cl_runescape_LIVE1.dat => Moved successfully.
C:\Users\Living Room\random.dat => Moved successfully.
C:\Users\Administrator\AppData\Local\temp\9a7bd64a-3795-4189-87a0-f93eb25a1d40.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADFBA577-04D5-41BA-B52E-79B959499AC8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADFBA577-04D5-41BA-B52E-79B959499AC8}" => Key deleted successfully.
C:\Windows\System32\Tasks\update-sys => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F24AF050-3514-483F-94BA-5953B1D4FFD7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F24AF050-3514-483F-94BA-5953B1D4FFD7}" => Key deleted successfully.
C:\Windows\System32\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-21828565-3005677120-1819634571-1001" => Key deleted successfully.
C:\Windows\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job => Moved successfully.
C:\Windows\Tasks\update-sys.job not found.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{C06F2B81-8003-4C25-BDA7-C72253422E85} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 1.1 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====

 

 

 

 

My AVG Free is hitting on your AdwCleaner as a virus after I downloaded it and tried to run it. I ran it anyway and here are the results.

 

 

# AdwCleaner v4.101 - Report created 09/11/2014 at 15:53:41
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Living Room - LIVINGROOM-PC
# Running from : C:\Users\Living Room\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Aimersoft Video Converter Ultimate
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\Skillbrains
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Administrator\AppData\Roaming\SecureSearch
Folder Deleted : C:\Users\Living Room\AppData\Local\Skillbrains
Folder Deleted : C:\Users\Living Room\AppData\Roaming\Aimersoft Video Converter Ultimate
Folder Deleted : C:\Users\Living Room\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Living Room\Documents\Aimersoft Video Converter Ultimate
Folder Deleted : C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Folder Deleted : C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Users\Living Room\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Living Room\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Living Room\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk
File Deleted : C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\searchplugins\web-search.xml

***** [ Scheduled Tasks ] *****

Task Deleted : dsmonitor
Task Deleted : GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LightShot]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0.3 (x86 en-US)


-\\ Google Chrome v38.0.2125.111

[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
[C:\Users\Ad\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [56546 octets] - [21/12/2013 00:28:31]
AdwCleaner[R1].txt - [8818 octets] - [09/11/2014 15:40:38]
AdwCleaner[R2].txt - [8878 octets] - [09/11/2014 15:44:19]
AdwCleaner[R3].txt - [8936 octets] - [09/11/2014 15:51:04]
AdwCleaner[S0].txt - [56361 octets] - [21/12/2013 00:31:16]
AdwCleaner[S1].txt - [9041 octets] - [09/11/2014 15:53:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9101 octets] ##########
 


Edited by Izzy1665, 09 November 2014 - 03:05 PM.

  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Could you temporarily disable AVG whilst it runs? The programme is safe.


  • 0

#8
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

AV turned off:

 

# AdwCleaner v4.101 - Report created 09/11/2014 at 18:15:04
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Living Room - LIVINGROOM-PC
# Running from : C:\Users\Living Room\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0.3 (x86 en-US)


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [56546 octets] - [21/12/2013 00:28:31]
AdwCleaner[R1].txt - [8818 octets] - [09/11/2014 15:40:38]
AdwCleaner[R2].txt - [8878 octets] - [09/11/2014 15:44:19]
AdwCleaner[R3].txt - [8936 octets] - [09/11/2014 15:51:04]
AdwCleaner[R4].txt - [1173 octets] - [09/11/2014 18:12:42]
AdwCleaner[S0].txt - [56361 octets] - [21/12/2013 00:31:16]
AdwCleaner[S1].txt - [9181 octets] - [09/11/2014 15:53:41]
AdwCleaner[S2].txt - [1095 octets] - [09/11/2014 18:15:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1155 octets] ##########
 


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now?

Here is a small programme that will help to alleviate the adware problem with downloads:


http://unchecky.com/

Click on the link above to be taken to Unchecky.com.
Click the very large Download button.
Click Save.
Click Open folder.


Right click on the Unchecky_setup or folder and choose to Run as Administrator.

Once open click the Install button.


Then click on Finish.

Unchecky is now installed and will help you keep unwanted check boxes unchecked ;)
  • 0

#10
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

So far so good. I will get back with you if I notice any other issues. The main issue was something was pausing the mouse for 3-5 seconds and I knew that was not normal. I do not see the issue now though. Thank you for the assistance.


  • 0



#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know when you are happy and I will remove my bits and bobs :)
  • 0

#12
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Ok, I don't know why but the 3-5 second pause of the mouse is still happening. When it happens I get the USB audio prompts letting me know something was plugged in, and then when the pause ends I get the prompt letting me know something has been unplugged. I am not plugging/unplugging anything in.

 

Can this be viewed in an event viewer or something?


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you change the USB port that your mouse is plugged into and see if it re-occurs? You may have a dodgy port.
  • 0

#14
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

I changed ports on the mouse and it is still happening. I even did so with the keyboard to rule that out as a possible cause too.


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I will have a look around to see if I can find a reason for that. It is not, as far as I know, malware related, but either driver or system.

Apart from that, is there anything else?
  • 0





