So I got Malwarebytes and it won't let me run it. I've been told multiple times I'm infected, but nobody knows how I can fix it. http://gyazo.com/52f...081490d4c9ff662
Here are my logs:
log #1:
OTL Extras logfile created on: 11/27/2014 11:33:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Snarpie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 5.05 Gb Available Physical Memory | 63.46% Memory free
15.92 Gb Paging File | 11.98 Gb Available in Paging File | 75.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 905.22 Gb Total Space | 845.39 Gb Free Space | 93.39% Space Free | Partition Type: NTFS
Drive D: | 416.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SNARPIE-PC | User Name: Snarpie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015260EE-FDB6-4ED8-90B5-B1531BE169F8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{037B92C2-CEB6-4959-A77E-0EA74B099EBD}" = rport=138 | protocol=17 | dir=out | app=system |
"{0F20167B-D4A5-4D31-8751-7E3696D8D81C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14BEFA54-93C4-449B-82DE-DC5F97157F5E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1550F857-3C40-48AE-AF42-BFD891F51775}" = lport=445 | protocol=6 | dir=in | app=system |
"{2022437A-2977-44D6-AC3B-6455476B86C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{229358A8-D8C6-4CAD-8ACE-B1DAE5D6736C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23DDD0D1-ED62-49F5-8093-27A9293868D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{315E9FF8-FA26-4B98-9467-AF8FE6AD31EC}" = lport=138 | protocol=17 | dir=in | app=system |
"{3263161D-46AB-4FB6-AB05-53B69C3D264A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{591FC985-0CDD-41E8-9B29-FF32B5F27271}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5A2EDAD6-4104-45A0-88BD-F6F68BD03A7D}" = rport=137 | protocol=17 | dir=out | app=system |
"{5F3A06A9-4188-4BD9-A970-0B4774DD9A07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E1E3EF7-F822-4F03-94EB-88B015B74BC0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6E98101C-756B-454D-998C-412EF924AE48}" = lport=139 | protocol=6 | dir=in | app=system |
"{78683C7A-4F83-45AB-9299-FB8B1EEC654D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{791634DB-80BF-4420-BAC8-77C823F43254}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{8F1565AB-FDB9-4292-A052-A1F7FE066D15}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90D183A6-C874-420E-AE48-490F21C2E774}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{A213CFA2-522E-4D14-A20A-49B6E9B63C12}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{A6E507F7-2C26-47CA-B08F-C8836D9F1C48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C1AEFC7B-3EE2-49B4-808B-53DFEF37B853}" = rport=139 | protocol=6 | dir=out | app=system |
"{CBFB9C3E-8432-424F-9BA5-7AA685EC2EC5}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC0E023B-7850-4E90-AEC9-298D76AB8D27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCE9DF68-4AA8-4CEF-ABA1-9BED992427D8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CDB7C259-D0CF-491A-AA29-626486AA215B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D655AC8A-0FE2-42CC-95CB-8DB8D2B878CE}" = lport=137 | protocol=17 | dir=in | app=system |
"{F66CD900-3BC7-4627-BCD9-492BBAC997C3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA33930-74FA-4029-88DE-FCDE0E761BB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{102483B9-934C-44BF-8FFE-177E66BC5D64}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{187FDD42-213E-40BB-AFEA-6AC36363173A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1CB1F0AB-5E77-4BD2-90B0-AA9007A3209F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E1BC904-2E32-4B80-BBF2-48276D432AB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{2DF6BBBE-0CEB-4710-BDF5-E7683B7AFEBA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{37D48D16-1D16-47B4-AA1F-DA23186AFAD9}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\bin\steamwebhelper.exe |
"{41DD27AC-1008-4D45-A846-64FAFE3866E5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43102559-7C36-45BE-BF9D-2783CC311CBF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{466B497F-E270-44BF-A6D7-86B8ACC62E04}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{499B6E2E-34C0-41A2-94EB-43A3A8399BF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4C52AB37-876A-414F-99BB-83D07641694C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{51A72DCB-5813-4C2F-A259-3D1BA4CD78C0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{588CACF6-E839-42B9-810C-84AE440A24CF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6CF81319-EC7B-4458-9DE0-FF855011591B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{72F35EAB-68D9-4BE1-8001-BFA640910BBA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{74BC8719-DC2C-4E22-8849-0D4AF700FE18}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{74DCD349-0AEA-48A1-9631-EB76BF41CA10}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{750AD8E9-289D-4448-A382-43224A68E70A}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{7A4BEA0D-29FD-4B6C-8462-2A8C1A673A56}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{81FB543A-16BA-4A85-B8B2-C32858B9CCA5}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\bin\steamwebhelper.exe |
"{8346E5EE-D776-4A61-9E09-1369294A93EB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85ADE4B5-A152-4A68-9FA7-FD4F25E1FE18}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8CD6D0C7-110E-4E1F-B833-3D9E13D4FDBF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90320039-BB29-423F-A9CF-965309588552}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{941C19E2-628F-46BF-A26F-651DDAA5335B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96890DE2-9846-4A68-B46C-386EA4B86B1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A891606-07DF-4313-BB65-F88BAC2B6C72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A442E9A1-0A62-4C8B-869C-15338ED69E35}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A99259BF-9696-4C3A-99E3-C6E51F6D4B20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACFF136A-600B-4A39-9DE8-2BA6B3A64A3C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{B1B3E6F7-4DE7-417B-A1F1-B81C4E2FBD09}" = protocol=6 | dir=out | app=system |
"{B59F2A91-375D-4A85-837E-EDFE39E780A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{BCD98708-88E8-49CA-A97D-C627515E6775}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C19B58C4-05A7-4D4F-AD29-79B22D927624}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5F3A81B-4839-4BBC-924C-FC50D3124466}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C6CD4118-1F62-4571-B794-757BBB6C31B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF9DBE23-90F4-4848-80CC-77899B7C6B2E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{D3FA906D-F593-4ECA-B9FC-F2B54A475726}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D4C6E6EF-FFD8-451E-9752-B54E3672EF4E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D8F4FFFA-4D2B-4BBB-870D-A74AF9EABF91}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{E21EBA83-19B9-4E73-A3F5-185CA9DF22DD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{E31CF2B6-DD90-41A0-9769-426DFC11F36E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E8CCD070-C5B8-45AD-86D9-8BC0F42607B8}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F3436851-38FF-40E8-94D6-325D32411D01}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{FF72AC12-AA02-4B2A-BACE-6D2725536933}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{11E53806-3D41-49D5-8674-ADE468C801F5}C:\users\snarpie\desktop\limitlesslogger\limitless logger.exe" = protocol=6 | dir=in | app=c:\users\snarpie\desktop\limitlesslogger\limitless logger.exe |
"TCP Query User{30E81C1B-71CB-42DB-AF88-601AFADFF71E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{4104E33E-2D09-43ED-95CA-F4B42C8C700E}C:\users\snarpie\appdata\local\temp\rar$exa0.840\incognito\kl\client.exe" = protocol=6 | dir=in | app=c:\users\snarpie\appdata\local\temp\rar$exa0.840\incognito\kl\client.exe |
"TCP Query User{759A77D8-EA46-4BAD-B386-1B0059D29ECA}C:\users\snarpie\appdata\local\temp\rar$exa0.295\incognito\kl\client.exe" = protocol=6 | dir=in | app=c:\users\snarpie\appdata\local\temp\rar$exa0.295\incognito\kl\client.exe |
"TCP Query User{BE038B45-FE13-42B9-BD73-AF83EAF1D9B6}C:\users\snarpie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\snarpie\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{FCAE0648-8164-48C6-A859-5C74CB50B44F}C:\program files\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files\bitcoin\bitcoin-qt.exe |
"UDP Query User{12C6393A-E69E-4877-8C26-73A5D322DD0B}C:\program files\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files\bitcoin\bitcoin-qt.exe |
"UDP Query User{2A13253E-B3D7-4DAD-9D0E-7F3B746220ED}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{43141C41-A9E5-492A-AFE4-3A8125EC073C}C:\users\snarpie\appdata\local\temp\rar$exa0.840\incognito\kl\client.exe" = protocol=17 | dir=in | app=c:\users\snarpie\appdata\local\temp\rar$exa0.840\incognito\kl\client.exe |
"UDP Query User{4448C80C-B54C-4A53-B434-D3E5AFF26244}C:\users\snarpie\desktop\limitlesslogger\limitless logger.exe" = protocol=17 | dir=in | app=c:\users\snarpie\desktop\limitlesslogger\limitless logger.exe |
"UDP Query User{77AB7381-D03B-441B-BAB6-07DDDEB5E809}C:\users\snarpie\appdata\local\temp\rar$exa0.295\incognito\kl\client.exe" = protocol=17 | dir=in | app=c:\users\snarpie\appdata\local\temp\rar$exa0.295\incognito\kl\client.exe |
"UDP Query User{C6D2DB27-4481-4B2F-AD01-F969278CD4F6}C:\users\snarpie\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\snarpie\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{135FD245-2480-478A-9D2B-83B50673440E}" = Kerio VPN Client
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{44302C2F-11BD-FC0C-555C-4A3616E8D927}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{C2956908-53A3-88FC-B795-B16508296FC4}" = AMD Catalyst Install Manager
"{C9270CB8-7F02-D437-EF1D-3924DB369CFE}" = AMD AVIVO64 Codecs
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"6F64DF2E-3B8E-41DB-89E4-75BD3F370CDE_is1" = Cracked Steam
"Dell Support Center" = Dell Support Center
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00CC71D6-D10E-CD8C-9987-2B21CD89F3B8}" = CCC Help Korean
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{153286B6-8551-645B-B1AE-C90744899465}" = CCC Help Thai
"{1865CA20-6CA0-2B47-10FB-079D442A0AC4}" = CCC Help Czech
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FAC373D-3564-698C-520D-F0E5E5447514}" = Catalyst Control Center
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.22
"{2583CDBA-8A53-4622-BB67-1D163714C1B4}" = Python 3.4.2
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2E2C9814-436A-A62D-65B4-5B282B2433E3}" = CCC Help Italian
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34363EEA-096F-5942-7AB8-71035D22CBEF}" = CCC Help English
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite HL-2280DW
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{4554C679-5E8A-736B-2077-BCB6FE44F444}" = CCC Help German
"{474DFABF-E55B-4905-ABAA-40791A6AC77F}" = Camtasia Studio 8
"{517FBD21-11B8-C5C6-A117-407A92ADBF21}" = CCC Help Greek
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{583D68F8-9D9A-76CB-DDCB-5B135CFA73C1}" = CCC Help Portuguese
"{5D9E8D1D-9C13-4EA3-2FBF-5BC16B309859}" = CCC Help Swedish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.2
"{70F7F759-6F96-490A-7C83-87F7B3E6DE59}" = CCC Help Chinese Standard
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76BD5955-2A21-A049-4B25-241E107B5D1E}" = CCC Help Turkish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A036E28-AE5C-4662-B24F-8D8B65116F3C}" = Catalyst Control Center - Branding
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{810ADC23-569C-EBB9-015F-DA6658FDC380}" = CCC Help Chinese Traditional
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{84F52EFF-C6BB-80E5-0294-3FF7927054E1}" = CCC Help Norwegian
"{856D3E24-0DB4-1C23-8196-3F899C866259}" = Catalyst Control Center Localization All
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DED2990-A33F-E54F-7F8A-8B7622E19D0D}" = CCC Help Polish
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEAF9B4-3967-DEC7-4721-2624D7A52330}" = CCC Help French
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A69F04D1-01E7-F06E-BD5C-AA5BB72A5124}" = CCC Help Japanese
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80DB23D-0618-405B-89D9-28F99814E287}_is1" = AntiLogger Free version 1.8.2.16
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{ADF06D43-D3D3-C38F-4627-177BAC9D4C76}" = CCC Help Spanish
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B9C42CED-B790-78F6-3C25-6C3EE07EE765}" = CCC Help Hungarian
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CD144FE2-58C1-603B-9BD8-A39096D1D9A3}" = CCC Help Danish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5EB832B-F953-A1BC-B9B4-9EBEBD17D3FB}" = CCC Help Russian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEFD0E9E-5A6D-34C8-8338-DF2E7770D0FA}" = CCC Help Finnish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9145944-F223-777C-CBBE-FF35ED649ACE}" = CCC Help Dutch
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"FileZilla Client" = FileZilla Client 3.9.0.6
"Google Chrome" = Google Chrome
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Steam" = Steam
"TeamViewer 9" = TeamViewer 9
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.01 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bitcoin Core (64-bit)" = Bitcoin Core (64-bit)
"Flux" = f.lux
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/29/2014 8:55:01 PM | Computer Name = Snarpie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Faulting module name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Exception code: 0x40000015 Fault offset: 0x0011486c Faulting process
id: 0xfc4 Faulting application start time: 0x01cff3d2330842ed Faulting application
path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe Faulting
module path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
Report
Id: 601e7e56-5fcf-11e4-9535-6894230acb22
Error - 10/30/2014 4:57:42 PM | Computer Name = Snarpie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Faulting module name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Exception code: 0x40000015 Fault offset: 0x0011486c Faulting process
id: 0x19f0 Faulting application start time: 0x01cff47d41cabc43 Faulting application
path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe Faulting
module path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
Report
Id: 63739f03-6077-11e4-9535-6894230acb22
Error - 10/30/2014 5:43:26 PM | Computer Name = Snarpie-PC | Source = System Restore | ID = 8193
Description =
Error - 10/30/2014 5:43:27 PM | Computer Name = Snarpie-PC | Source = System Restore | ID = 8193
Description =
Error - 10/30/2014 7:33:51 PM | Computer Name = Snarpie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10/30/2014 7:33:51 PM | Computer Name = Snarpie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6927
Error - 10/30/2014 7:33:51 PM | Computer Name = Snarpie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6927
Error - 10/31/2014 4:31:04 PM | Computer Name = Snarpie-PC | Source = System Restore | ID = 8193
Description =
Error - 10/31/2014 11:51:21 PM | Computer Name = Snarpie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Faulting module name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Exception code: 0x40000015 Fault offset: 0x0011486c Faulting process
id: 0xab8 Faulting application start time: 0x01cff57fcb27dd34 Faulting application
path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe Faulting
module path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
Report
Id: 576a742d-617a-11e4-9535-6894230acb22
Error - 11/1/2014 11:18:07 AM | Computer Name = Snarpie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Faulting module name: TBNotifier.exe, version: 31.10.3.0, time
stamp: 0x542f0232 Exception code: 0x40000015 Fault offset: 0x0011486c Faulting process
id: 0x3fe4 Faulting application start time: 0x01cff5dfb3ebea3c Faulting application
path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe Faulting
module path: C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
Report
Id: 47ceae5f-61da-11e4-9535-6894230acb22
Error - 11/1/2014 11:32:33 AM | Computer Name = Snarpie-PC | Source = Brother BrLog | ID = 1001
Description = TWN BrtTWN: [2014/11/01 10:32:33.995]: [00011540]: BrStiIf: Escape
STIESCAPE_BIDIOPEN failed.
[ System Events ]
Error - 10/31/2014 4:20:02 PM | Computer Name = Snarpie-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{9DA089A6-DC69-45BE-9F5C-85F0A9550596}
because another computer on the network has the same name. The server could not
start.
Error - 11/2/2014 7:36:32 PM | Computer Name = Snarpie-PC | Source = Service Control Manager | ID = 7034
Description = The BlueStacks Updater Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 11/2/2014 8:10:55 PM | Computer Name = Snarpie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ttnfd
Error - 11/2/2014 8:11:29 PM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10016
Description =
Error - 11/2/2014 8:11:41 PM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10016
Description =
Error - 11/2/2014 10:57:23 PM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10010
Description =
Error - 11/10/2014 10:14:55 PM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10010
Description =
Error - 11/14/2014 5:10:32 AM | Computer Name = Snarpie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ttnfd
Error - 11/14/2014 5:11:12 AM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10016
Description =
Error - 11/14/2014 5:11:18 AM | Computer Name = Snarpie-PC | Source = DCOM | ID = 10016
Description =
< End of report >
Log #2:
OTL logfile created on: 11/27/2014 11:33:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Snarpie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 5.05 Gb Available Physical Memory | 63.46% Memory free
15.92 Gb Paging File | 11.98 Gb Available in Paging File | 75.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 905.22 Gb Total Space | 845.39 Gb Free Space | 93.39% Space Free | Partition Type: NTFS
Drive D: | 416.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: SNARPIE-PC | User Name: Snarpie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/11/27 11:33:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Snarpie\Downloads\OTL.exe
PRC - [2014/11/25 00:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/11/18 14:23:36 | 001,519,808 | ---- | M] (Valve Corporation) -- c:\Program Files (x86)\Cracked Steam\bin\steamwebhelper.exe
PRC - [2014/11/18 14:23:34 | 001,940,160 | ---- | M] (Valve Corporation) -- c:\Program Files (x86)\Cracked Steam\Steam.exe
PRC - [2014/11/18 14:23:34 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/11/13 12:20:28 | 007,721,736 | ---- | M] (Zemana Ltd.) -- C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
PRC - [2014/11/13 08:35:14 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014/10/11 12:05:40 | 000,060,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2014/10/09 03:43:50 | 000,808,744 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
PRC - [2014/09/16 14:45:52 | 003,095,328 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2014/09/12 12:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/12 03:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/15 22:58:02 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
PRC - [2014/08/14 17:20:40 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2014/08/07 23:39:08 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/04/20 15:15:58 | 000,233,552 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
PRC - [2014/04/20 15:15:18 | 000,192,160 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
PRC - [2014/04/20 00:41:10 | 000,359,104 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
PRC - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013/10/23 16:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Snarpie\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013/08/14 15:45:20 | 001,474,560 | ---- | M] (Kerio Technologies Inc.) -- C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
PRC - [2013/08/14 15:45:18 | 001,376,256 | ---- | M] (Kerio Technologies Inc.) -- C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/09/06 20:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2012/09/06 20:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2012/06/06 14:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2012/02/17 00:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 15:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/01/27 15:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 20:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2012/01/21 10:35:24 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/21 10:35:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/29 17:12:06 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/12/26 19:53:00 | 000,076,960 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2010/11/20 21:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\cmd.exe
PRC - [2010/03/10 15:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
========== Modules (No Company Name) ==========
MOD - [2014/11/25 00:39:25 | 014,910,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
MOD - [2014/11/25 00:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 00:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 00:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 00:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/11/18 14:23:50 | 002,227,904 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\video.dll
MOD - [2014/11/18 14:23:34 | 000,690,880 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\bin\chromehtml.dll
MOD - [2014/11/14 03:15:59 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\510d3cca1455e91a81604f4781c4760c\IAStorUtil.ni.dll
MOD - [2014/11/14 03:11:32 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014/11/11 12:48:12 | 001,171,456 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\libavcodec-56.dll
MOD - [2014/11/11 12:48:12 | 000,485,888 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\libswscale-3.dll
MOD - [2014/11/11 12:48:12 | 000,442,368 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\libavutil-54.dll
MOD - [2014/11/11 12:48:12 | 000,403,968 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\libavformat-56.dll
MOD - [2014/11/11 12:48:12 | 000,332,800 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\libavresample-2.dll
MOD - [2014/11/11 12:48:04 | 034,589,888 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\bin\libcef.dll
MOD - [2014/11/11 12:47:56 | 000,774,656 | ---- | M] () -- c:\Program Files (x86)\Cracked Steam\SDL2.dll
MOD - [2014/10/16 03:15:38 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014/10/16 02:30:17 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9c41049a9716f9c34e8dfad27ac45153\System.WorkflowServices.ni.dll
MOD - [2014/10/16 02:30:04 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\26e521624e8e8c879ac83245694d809a\System.ServiceModel.Web.ni.dll
MOD - [2014/10/16 02:30:02 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3063abda312516739bc808360071bad9\System.Xml.Linq.ni.dll
MOD - [2014/10/16 02:29:26 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/16 02:29:05 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\11295b4ad79dbeadee6c83ae45a8a07f\System.IdentityModel.ni.dll
MOD - [2014/10/16 02:29:04 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 02:29:03 | 017,477,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\0d51a457c4cb85cd5ae8439094387ad3\System.ServiceModel.ni.dll
MOD - [2014/10/16 02:29:03 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\da4175d4363c1bcecb984a44cd53664f\SMDiagnostics.ni.dll
MOD - [2014/10/16 02:25:12 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 02:25:06 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/16 02:24:54 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/16 02:24:45 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 02:24:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 02:24:38 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 02:24:36 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 02:24:35 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/16 02:24:25 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/16 02:24:23 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/11 12:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/09/12 05:41:00 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\26b50aa1e86a984a5c0d53f2bbf95798\IAStorCommon.ni.dll
MOD - [2014/09/12 05:33:38 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/07/31 11:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/05/24 10:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014/05/24 10:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2012/01/26 20:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/05 21:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/01/10 20:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/10/26 13:01:00 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/11/18 14:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/09/12 12:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/09/12 03:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/20 15:15:58 | 000,233,552 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe -- (AVP15.0.0)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/08/14 15:45:18 | 001,376,256 | ---- | M] (Kerio Technologies Inc.) [Auto | Running] -- C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe -- (KVPNCSvc)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/02/16 11:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2012/02/01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/21 10:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/21 10:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/29 17:12:06 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011/12/29 16:53:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/12/26 19:53:00 | 000,076,960 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2010/08/25 19:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/13 12:20:26 | 000,071,400 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2014/10/09 03:44:10 | 000,793,800 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014/10/09 03:44:10 | 000,141,320 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klflt.sys -- (klflt)
DRV:64bit: - [2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/28 08:06:24 | 000,049,264 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:64bit: - [2014/05/13 07:21:18 | 000,035,440 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2014/04/10 16:25:34 | 000,243,808 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klhk.sys -- (klhk)
DRV:64bit: - [2014/03/28 16:51:04 | 000,028,768 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2014/03/26 16:05:28 | 000,179,296 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2014/03/25 15:26:04 | 000,055,904 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2014/02/25 12:09:02 | 000,030,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2014/02/20 11:59:04 | 000,457,824 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2013/10/17 09:32:56 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2013/08/14 15:27:32 | 000,030,208 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\kvnet.sys -- (kvnet)
DRV:64bit: - [2013/08/08 16:11:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/04/12 14:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\klpd.sys -- (klpd)
DRV:64bit: - [2013/02/09 00:45:38 | 000,036,736 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012/10/04 13:55:35 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/10/04 13:55:30 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/10/04 13:55:30 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/01 17:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/01/27 01:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 01:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 01:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/12/29 17:02:50 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/12/29 17:02:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/12/29 17:02:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/12/29 17:01:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/12/29 17:01:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/12/29 17:01:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/12/29 17:00:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/12/29 17:00:42 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/12/13 10:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/12/06 05:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/24 01:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/10 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/10/26 14:05:12 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/26 12:22:00 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/18 04:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 18:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 18:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {67982285-E19F-4CE1-9BFD-A28F31AB4294}
IE:64bit: - HKLM\..\SearchScopes\{67982285-E19F-4CE1-9BFD-A28F31AB4294}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67982285-E19F-4CE1-9BFD-A28F31AB4294}
IE - HKLM\..\SearchScopes\{67982285-E19F-4CE1-9BFD-A28F31AB4294}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKCU\..\SearchScopes,DefaultScope = {67982285-E19F-4CE1-9BFD-A28F31AB4294}
IE - HKCU\..\SearchScopes\{67982285-E19F-4CE1-9BFD-A28F31AB4294}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: support%40real-hide-ip.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\[email protected] [2014/10/09 03:44:14 | 000,000,000 | ---D | M]
[2014/09/20 17:23:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Snarpie\AppData\Roaming\mozilla\Extensions
[2014/10/11 20:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Snarpie\AppData\Roaming\mozilla\Firefox\Profiles\2wvl8fc2.default\extensions
[2014/10/11 19:47:40 | 000,004,527 | ---- | M] () (No name found) -- C:\Users\Snarpie\AppData\Roaming\mozilla\firefox\profiles\2wvl8fc2.default\extensions\[email protected]
[2014/10/09 03:44:14 | 000,000,000 | ---D | M] (Chặn quảng cáo) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\[email protected]
[2014/10/09 03:44:14 | 000,000,000 | ---D | M] (Ngăn chặn trang web nguy hiểm) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\[email protected]
[2014/10/09 03:44:14 | 000,000,000 | ---D | M] (An toàn giao dịch tài chính) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\[email protected]
[2014/10/09 03:44:14 | 000,000,000 | ---D | M] (Công cụ kiểm tra liên kết của Kaspersky) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\[email protected]
[2014/10/09 03:44:14 | 000,000,000 | ---D | M] (Bàn phím ảo) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\[email protected]
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.7_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.4.1_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip\1.2_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Snarpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/09/05 20:30:44 | 000,000,992 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 http://www.virustotal.com
O1 - Hosts: 127.0.0.1 http://www.vscan.novirusthanks.org
O1 - Hosts: 127.0.0.1 http://www.virusscan.jotti.org
O1 - Hosts: 127.0.0.1 http://www.metascan-online.com/
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Kepard] "C:\Program Files (x86)\Kepard\Kepard.exe" tray File not found
O4 - HKLM..\Run: [Kerio VPN Client] C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe (Kerio Technologies Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [ZALFree] C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Zemana Ltd.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Cracked Steam Service] C:\Program Files (x86)\Cracked Steam\Cracked Steam.exe (Anti-Valve Software )
O4 - HKCU..\Run: [f.lux] C:\Users\Snarpie\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [Free Multi Skype Launcher.exe] C:\Program Files (x86)\Media Freeware\Free Multi Skype Launcher\Free Multi Skype Launcher.exe File not found
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_727C97B3280FDFD715E74E0C0EDA45CF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Windows Defender] C:\Users\Snarpie\AppData\Local\Temp\MSASCui.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DA089A6-DC69-45BE-9F5C-85F0A9550596}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EA8E74E-7B7F-4CA9-8AD5-C234E2C6588B}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBE8CF88-A13F-425A-A2CC-E5CCD1A57808}: DhcpNameServer = 172.27.120.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F691932C-1688-49C1-BC5F-D62872AECDD2}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll (Zemana Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/19 23:14:28 | 000,000,043 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{187b88c8-0e5e-11e2-bfbb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{187b88c8-0e5e-11e2-bfbb-806e6f6e6963}\Shell\AutoRun\command - "" = D:\start.exe -- [2010/02/24 23:41:20 | 001,912,336 | R--- | M] (Macromedia, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/11/27 11:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/27 11:03:21 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/27 11:03:21 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/27 11:03:21 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/11/27 11:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/11/27 11:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/27 10:56:39 | 000,000,000 | R--D | C] -- C:\Users\Snarpie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/11/27 10:36:02 | 000,000,000 | ---D | C] -- C:\2ceb4acb00a89fd53de0bec602
[2014/11/27 10:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/11/27 10:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/11/27 10:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/11/27 10:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/11/27 10:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/11/27 10:14:21 | 000,000,000 | ---D | C] -- C:\AMD
[2014/11/26 23:10:09 | 000,000,000 | -HSD | C] -- C:\Users\Snarpie\AppData\Local\EmieBrowserModeList
[2014/11/26 20:58:46 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\AppData\Local\143VPN
[2014/11/26 20:55:45 | 000,036,736 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2014/11/26 20:55:45 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\Desktop\143vpnclient
[2014/11/22 14:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2014/11/22 14:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1995-08.com.techsmith
[2014/11/22 14:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2014/11/22 14:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2014/11/22 14:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2014/11/21 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\Desktop\COC SERVER
[2014/11/09 20:30:03 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\Desktop\PhonePics2
[2014/11/02 19:22:40 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\Desktop\profile
[2014/11/02 17:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Paessler
[2014/11/02 17:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2014/11/02 17:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/11/02 17:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/11/02 17:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PRTG Network Monitor
[2014/11/01 10:37:52 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\AppData\Local\SolarWinds
[2014/11/01 10:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SolarWinds
[2014/10/31 14:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Reprise
[2014/10/31 14:50:19 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\Documents\faceshift
[2014/10/31 14:50:19 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\AppData\Roaming\faceshift
[2014/10/30 15:39:56 | 000,000,000 | ---D | C] -- C:\Users\Snarpie\AppData\Roaming\Wireshark
[2014/10/30 15:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/11/27 11:07:28 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/11/27 10:55:40 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/27 10:55:40 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/27 10:52:41 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/27 10:52:41 | 000,662,836 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/27 10:52:41 | 000,122,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/27 10:47:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/27 10:47:23 | 2116,784,127 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/27 10:40:47 | 000,775,546 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/11/26 15:56:09 | 000,282,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/21 15:19:52 | 000,000,632 | RHS- | M] () -- C:\Users\Snarpie\ntuser.pol
[2014/11/13 12:20:26 | 000,071,400 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys
[2014/11/13 08:35:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfff4f106f42ad.job
[2014/11/13 08:35:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfec5351980ce7.job
[2014/11/02 17:48:18 | 000,001,024 | ---- | M] () -- C:\.rnd
[2014/11/01 09:58:30 | 000,000,397 | ---- | M] () -- C:\Users\Snarpie\AppData\Roaming\DataAccounts.xml
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/11/27 10:17:20 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/11/27 09:44:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/11/13 08:35:26 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfff4f106f42ad.job
[2014/11/04 19:23:53 | 000,000,632 | RHS- | C] () -- C:\Users\Snarpie\ntuser.pol
[2014/11/02 17:48:18 | 000,001,024 | ---- | C] () -- C:\.rnd
[2014/09/15 14:30:17 | 000,000,397 | ---- | C] () -- C:\Users\Snarpie\AppData\Roaming\DataAccounts.xml
[2014/09/08 18:59:42 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2014/09/08 18:59:36 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2014/09/07 12:15:16 | 000,041,836 | ---- | C] () -- C:\Users\Snarpie\AppData\Roaming\msconfig.ini
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2014/06/24 20:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 19:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/11/27 01:34:51 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\.minecraft
[2014/11/27 00:12:36 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Bitcoin
[2014/11/01 09:42:25 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\ControlCenter4
[2014/10/20 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Dropbox
[2014/10/31 14:50:19 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\faceshift
[2014/11/22 16:21:58 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\FileZilla
[2014/11/27 09:38:49 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\GHISLER
[2014/10/04 16:24:33 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Gyazo
[2014/10/17 20:56:44 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Kerio
[2014/10/08 20:13:19 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\LolClient
[2014/09/15 14:09:53 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Media Freeware
[2014/10/04 19:17:02 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\MultiForce Backup
[2014/09/08 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Nuance
[2014/11/27 00:13:30 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\OmniCoin
[2014/10/18 17:43:42 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\PDAppFlex
[2014/10/08 15:38:08 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Riot Games
[2014/11/27 09:58:18 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\SoftGrid Client
[2014/09/06 11:18:38 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\TechSmith
[2014/09/16 16:52:30 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\TP
[2014/10/23 17:02:33 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\uTorrent
[2014/10/30 15:39:56 | 000,000,000 | ---D | M] -- C:\Users\Snarpie\AppData\Roaming\Wireshark
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 464 bytes -> C:\ProgramData\TEMP:9A870F8B
< End of report >
I'd appreciate help!