Hello there,
Well, my computer started to slow down/lag, not sure why, so I need to do a check-up for my PC if possible, please.
Here is the OTL Log.
OTL logfile created on: 12/7/2014 6:29:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fadod\Downloads
64bit- Enterprise Edition (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.14% Memory free
4.27 Gb Paging File | 2.48 Gb Available in Paging File | 58.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.31 Gb Total Space | 3.65 Gb Free Space | 3.75% Space Free | Partition Type: NTFS
Drive D: | 200.43 Gb Total Space | 74.12 Gb Free Space | 36.98% Space Free | Partition Type: NTFS
Computer Name: FADY | User Name: Fadod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Fadod\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Fadod\AppData\Local\Skillbrains\lightshot\5.1.4.41\Lightshot.exe (Skillbrains)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\netcut\services\aips.exe (Arcai.com)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Holdings, LLC)
SRV:64bit: - (VsEtwService120) -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe (Microsoft Corporation)
SRV:64bit: - (c2wts) -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (Origin Client Service) -- D:\Programs\Origin\OriginClientService.exe (Electronic Arts)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- D:\Programs\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Programs\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (AIPS) -- C:\Program Files (x86)\netcut\services\aips.exe (Arcai.com)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\Drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tapSF0901) -- C:\Windows\SysNative\Drivers\tapSF0901.sys (Spotflux, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\Drivers\mcvidrv.sys (Visicom Media Inc.)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AODDriver4.3) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (Sandboxie Holdings, LLC)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\Drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\Drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\Drivers\mcaudrv_x64.sys (Visicom Media Inc.)
DRV:64bit: - (AU8168) -- C:\Windows\SysNative\Drivers\au630x64.sys (Realtek )
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\Drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\Drivers\ASACPI.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\Drivers\npf.sys (Riverbed Technology, Inc.)
DRV:64bit: - (amdkmafd) -- C:\Windows\SysNative\Drivers\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\Drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\Drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\Drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\Drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\Drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\Drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\Drivers\rsdrvx64.sys (EldoS Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetProfile = 94556222
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 94561153
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.8,ar-EG;q=0.5,ar;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A 7D AD 09 39 5E CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=187.94.99.197:1080
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: linkgopher%40oooninja.com:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programs\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DAP\daplinkchecker [2014/05/11 13:25:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/01/24 01:39:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fadod\AppData\Roaming\Mozilla\Extensions
[2014/01/24 01:39:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fadod\AppData\Roaming\Mozilla\Extensions\net.openvpn.client
[2014/11/20 18:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fadod\AppData\Roaming\Mozilla\Firefox\Profiles\nplx9b8a.default\extensions
[2014/10/02 13:03:42 | 000,026,646 | ---- | M] () (No name found) -- C:\Users\Fadod\AppData\Roaming\Mozilla\Firefox\Profiles\nplx9b8a.default\extensions\[email protected]
[2014/11/20 18:12:44 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Fadod\AppData\Roaming\Mozilla\Firefox\Profiles\nplx9b8a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/10/02 13:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/11/23 09:45:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.0_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.1.0.1_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.14.4_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\6.1.0_0\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Fadod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2014/06/13 14:31:41 | 000,000,893 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 ads.adk2.com
O1 - Hosts: 127.0.0.1 s.m2pub.com
O1 - Hosts: 127.0.0.1 www.w3.org
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - D:\Programs\Visual Studio Ultimate 2013\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Fadod\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programs\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [LightShot] C:\Users\Fadod\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04FC5572-248E-495D-9BF8-53E12CF7D1BC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B0CF3DB-6CF9-4DA3-9145-7ADF8F385CD1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B3D1CBE-8213-4686-8876-2EAAB7CC559E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C792C2B-6003-4A4E-BEFC-9693831B1051}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9374268F-5B09-46C9-A79C-876BD0CBCBC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0931231-BA64-41F9-B86A-1B4E293A365C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB84026E-E7BE-4699-AE2C-E3CC7F5E1236}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D62002D3-FFFD-4CDF-A530-C6CA1F7F947B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2544B34-168D-46C1-B82E-93C5BA379E16}: DhcpNameServer = 62.240.110.198 62.240.110.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC42E50B-47EB-487A-96F2-B3AFBF4600D9}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{93702667-f67d-11e3-bece-485b3976fdd0}\Shell - "" = AutoRun
O33 - MountPoints2\{93702667-f67d-11e3-bece-485b3976fdd0}\Shell\AutoRun\command - "" = "F:\Windows/Install.exe"
O33 - MountPoints2\{968a05f6-ebfb-11e3-beb6-485b3976fdd0}\Shell - "" = AutoRun
O33 - MountPoints2\{968a05f6-ebfb-11e3-beb6-485b3976fdd0}\Shell\AutoRun\command - "" = "F:\Windows/Install.exe"
O33 - MountPoints2\{cfab77f5-7758-11e3-be66-485b3976fdd0}\Shell - "" = AutoRun
O33 - MountPoints2\{cfab77f5-7758-11e3-be66-485b3976fdd0}\Shell\AutoRun\command - "" = "H:\Windows/Install.exe"
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = "H:\Windows/Install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/12/07 18:13:31 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\AutoIt v3
[2014/12/07 14:19:22 | 000,000,000 | ---D | C] -- C:\Users\Fadod\Documents\7 Days To Die
[2014/12/06 22:16:49 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2014/12/06 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\Fadod\Documents\Tunngle
[2014/12/06 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Roaming\Tunngle
[2014/12/05 23:02:03 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Spitefulv2
[2014/12/05 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\Fadod\Documents\JoWooD
[2014/12/03 17:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2014/12/03 07:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2014/12/03 07:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2014/12/02 17:35:28 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Gameforge4d
[2014/12/02 17:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2014/12/02 02:17:11 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Akamai
[2014/11/27 22:57:44 | 000,000,000 | ---D | C] -- C:\Users\Fadod\Documents\My Games
[2014/11/26 18:24:58 | 000,000,000 | ---D | C] -- C:\Users\Fadod\Documents\Clone2Go Video Converter Professional
[2014/11/26 18:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Clone2go
[2014/11/26 18:24:49 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Roaming\Clone2Go Video Converter Professional
[2014/11/26 17:16:34 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Roaming\DVDVideoSoft
[2014/11/22 17:02:34 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\PunkBuster
[2014/11/21 22:31:38 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\pinger.com
[2014/11/21 22:31:34 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Caphyon
[2014/11/21 22:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinger
[2014/11/21 22:31:23 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Roaming\Pinger Inc
[2014/11/09 19:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/11/09 19:35:59 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Roaming\Notepad++
[2014/11/09 19:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014/11/09 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Macromedia
[2014/11/09 00:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise
[2014/11/08 15:53:17 | 000,000,000 | ---D | C] -- C:\Users\Fadod\AppData\Local\Carter
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/12/07 18:25:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/07 18:13:37 | 001,182,208 | ---- | M] () -- C:\Users\Fadod\Desktop\Letmesca.exe
[2014/12/07 18:11:45 | 000,029,696 | ---- | M] () -- C:\Users\Fadod\Desktop\Server.exe
[2014/12/07 18:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/07 17:40:00 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/12/07 16:29:00 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3315983353-3425692480-1218410527-1001.job
[2014/12/07 15:09:32 | 000,002,198 | -H-- | M] () -- C:\Users\Fadod\Documents\Default.rdp
[2014/12/07 14:23:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/07 14:22:45 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/07 14:21:54 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/07 14:21:54 | 1716,346,880 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/07 10:27:19 | 000,297,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/12/02 17:37:35 | 000,000,761 | ---- | M] () -- C:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
[2014/12/01 00:07:28 | 000,000,040 | -H-- | M] () -- C:\78E63017C9FB
[2014/11/28 08:08:54 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/26 22:15:52 | 000,000,209 | ---- | M] () -- C:\Users\Fadod\Desktop\BioShock Infinite.url
[2014/11/26 21:29:18 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/26 18:13:54 | 000,013,411 | ---- | M] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel
[2014/11/26 17:57:58 | 000,006,823 | ---- | M] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.BMS1PX
[2014/11/22 16:52:25 | 000,001,101 | ---- | M] () -- C:\Users\Fadod\Desktop\Play COD4 MultiPlayer.lnk
[2014/11/21 22:31:32 | 000,000,947 | ---- | M] () -- C:\Users\Fadod\Desktop\Pinger.lnk
[2014/11/21 12:32:19 | 000,000,437 | ---- | M] () -- C:\Users\Fadod\AppData\Local\UserProducts.xml
[2014/11/14 16:35:26 | 002,433,440 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/14 16:35:26 | 000,821,268 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/11/14 16:35:26 | 000,761,344 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/14 16:35:26 | 000,470,256 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2014/11/14 16:35:26 | 000,166,716 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/11/14 16:35:26 | 000,149,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/14 16:35:26 | 000,082,000 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2014/11/12 17:39:31 | 000,001,760 | ---- | M] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.MGBIPX
[2014/11/12 17:39:25 | 000,001,248 | ---- | M] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.U4N5OX
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/12/07 18:13:47 | 001,182,208 | ---- | C] () -- C:\Users\Fadod\Desktop\Letmesca.exe
[2014/12/07 18:11:44 | 000,029,696 | ---- | C] () -- C:\Users\Fadod\Desktop\Server.exe
[2014/12/02 17:37:35 | 000,000,761 | ---- | C] () -- C:\Users\Public\Desktop\S.K.I.L.L. - Special Force 2.lnk
[2014/12/01 00:07:28 | 000,000,040 | -H-- | C] () -- C:\78E63017C9FB
[2014/11/26 22:15:52 | 000,000,209 | ---- | C] () -- C:\Users\Fadod\Desktop\BioShock Infinite.url
[2014/11/26 18:13:54 | 000,013,411 | ---- | C] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel
[2014/11/26 17:57:58 | 000,006,823 | ---- | C] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.BMS1PX
[2014/11/22 16:52:25 | 000,001,101 | ---- | C] () -- C:\Users\Fadod\Desktop\Play COD4 MultiPlayer.lnk
[2014/11/21 22:31:32 | 000,000,947 | ---- | C] () -- C:\Users\Fadod\Desktop\Pinger.lnk
[2014/11/12 17:39:31 | 000,001,760 | ---- | C] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.MGBIPX
[2014/11/12 17:39:25 | 000,001,248 | ---- | C] () -- C:\Users\Fadod\AppData\Local\recently-used.xbel.U4N5OX
[2014/11/09 09:25:40 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/04 16:48:07 | 000,000,437 | ---- | C] () -- C:\Users\Fadod\AppData\Local\UserProducts.xml
[2014/08/19 17:23:13 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2014/08/19 17:23:13 | 000,001,938 | ---- | C] () -- C:\Windows\unins000.dat
[2014/06/15 23:07:04 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2014/05/18 22:18:04 | 000,045,400 | ---- | C] () -- C:\Windows\SysWow64\DiscHandler.exe
[2014/05/16 17:54:51 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014/05/13 17:02:30 | 003,916,288 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2014/05/13 17:01:48 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/05/13 17:01:12 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2014/05/13 17:00:58 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2014/05/13 17:00:58 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2014/05/13 17:00:56 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2014/05/13 17:00:56 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2014/05/13 17:00:56 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2014/05/13 17:00:54 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2014/05/13 17:00:52 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2014/05/11 12:46:10 | 000,000,093 | ---- | C] () -- C:\Users\Fadod\AppData\Local\fusioncache.dat
[2014/05/11 12:45:14 | 002,483,326 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/04/25 18:45:16 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\cwrlib32.dll
[2014/04/22 23:43:18 | 000,001,748 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/04/18 14:57:47 | 000,000,054 | ---- | C] () -- C:\Users\Fadod\AppData\Roaming\updater.cfg
[2014/04/18 04:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/04/18 04:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/04/08 17:29:48 | 000,238,736 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2014/01/07 07:00:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/12/17 04:19:30 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2013/12/17 04:15:32 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OptimFROG.dll
[2013/12/17 04:15:32 | 000,000,236 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2013/12/17 04:15:30 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\bass_tak.dll
[2013/12/17 03:28:18 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2013/12/17 03:28:18 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2013/12/17 03:28:18 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2013/12/17 03:27:52 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2013/12/17 03:27:50 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2013/12/17 03:27:40 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2013/12/17 03:27:16 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2013/12/17 03:27:16 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2013/12/17 03:27:14 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2013/12/17 03:27:14 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2013/12/17 03:27:10 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2013/12/17 03:26:52 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2013/12/17 03:26:40 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2013/07/08 09:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/03/01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
========== ZeroAccess Check ==========
[2014/05/02 12:59:42 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/07/26 05:07:16 | 019,779,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/07/26 05:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/08/21 20:44:48 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\.minecraft
[2014/07/23 17:24:25 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\.purple
[2014/04/25 19:53:31 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\addpcs
[2014/09/28 18:12:27 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Ashampoo
[2014/11/26 18:27:54 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Clone2Go Video Converter Professional
[2014/09/21 22:24:02 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Convivea
[2014/04/24 19:03:04 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Crypto Obfuscator For .Net v2012
[2014/10/18 17:54:27 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\DAEMON Tools Lite
[2014/09/28 17:32:36 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\DeepBurner Pro
[2014/11/26 17:57:22 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\DVDVideoSoft
[2014/05/24 05:19:59 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Easeware
[2014/09/26 18:51:42 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Free 3GP Video Convert Wizard
[2014/04/17 14:38:43 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Gyazo
[2014/08/13 19:05:45 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\HandBrake
[2014/06/10 03:34:21 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\iFunBox.NXGen
[2014/06/10 03:14:51 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\iFunbox_UserCache
[2014/10/26 17:23:46 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\ManyCam
[2014/10/12 22:17:30 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\MassTube
[2014/11/07 12:27:39 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Molura
[2014/09/28 19:46:24 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Mp3CompressorFreeEdition
[2014/08/15 17:37:44 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\MPC-HC
[2014/05/09 23:39:43 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\MultiForce
[2014/05/05 00:29:33 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\MultiForce Backup
[2014/09/05 19:16:21 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Mumble
[2014/09/26 18:51:40 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\New Version Available
[2014/11/09 19:37:55 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Notepad++
[2014/06/07 11:45:36 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\NuGet
[2014/06/11 16:34:20 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\OmniCoin
[2014/01/24 01:39:01 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\OpenVPN Technologies
[2014/11/30 16:30:43 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Origin
[2014/05/24 04:57:09 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\PC Drivers HeadQuarters
[2014/04/25 03:32:44 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\PE Explorer
[2014/06/16 07:26:33 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\PFStaticIP
[2014/11/21 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Pinger Inc
[2014/09/04 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\ProxySwitcher
[2014/04/18 11:59:22 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Publish Providers
[2014/04/18 14:55:58 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Red Giant Link
[2014/05/15 01:57:28 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Resource Tuner
[2014/05/27 23:05:35 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Screaming Bee
[2014/06/15 23:07:05 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Shark007
[2014/04/18 12:00:18 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Sony
[2014/05/11 13:25:57 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\SpeedBit
[2014/04/30 16:42:57 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\TeamViewer
[2014/04/24 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Thinstall
[2014/10/18 16:24:16 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\TS3Client
[2014/12/07 10:51:20 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Tunngle
[2014/12/07 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\uTorrent
[2014/10/02 23:27:16 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\Wireshark
[2014/05/13 14:03:23 | 000,000,000 | ---D | M] -- C:\Users\Fadod\AppData\Roaming\WNR
[2014/11/20 03:34:24 | 000,000,000 | -HSD | M] -- C:\Users\Fadod\AppData\Roaming\wyUpdate AU
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 40 bytes -> C:\ProgramData\MTA San Andreas All:NT
@Alternate Data Stream - 40 bytes -> C:\ProgramData:NT
@Alternate Data Stream - 160 bytes -> C:\ProgramData\MTA San Andreas All:NT2
@Alternate Data Stream - 160 bytes -> C:\ProgramData:NT2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:367BF129
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:7578EF04
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:56E2E879
< End of report >
Edited by Gatt, 07 December 2014 - 10:41 AM.