Possible Malware?

#1
mikeindidginus

Hello,
 
I have recently developed an issue whereby some letters of websites disappear (in other words only some letters of written words on the page are visible) - this has happened on my own website (www.indidginus.com) and also on Facebook. I have run a Malware Bytes scan, a BitDefender scan, an Adware Cleaner scan and a Windows Defender scan, none of which turned up anything. I have done an OTL scan and attached the log file as suggested. Any help or advice is much appreciated.
 
 
Michael.

OTL logfile created on: 28/02/2015 17:23:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\indidginus\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17148)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.70 Gb Total Physical Memory | 4.42 Gb Available Physical Memory | 57.34% Memory free
15.41 Gb Paging File | 11.78 Gb Available in Paging File | 76.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.72 Gb Total Space | 316.62 Gb Free Space | 70.88% Space Free | Partition Type: NTFS
Drive F: | 931.48 Gb Total Space | 465.59 Gb Free Space | 49.98% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 42.41 Gb Free Space | 9.11% Space Free | Partition Type: NTFS
Drive Q: | 17.58 Gb Total Space | 5.13 Gb Free Space | 29.16% Space Free | Partition Type: NTFS

Computer Name: STUDIO | User Name: indidginus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/02/28 17:21:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\indidginus\Desktop\OTL.exe
PRC - [2015/02/19 21:43:20 | 003,411,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
PRC - [2015/02/19 21:41:30 | 003,710,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
PRC - [2015/02/19 21:37:34 | 000,308,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2015/02/12 09:59:54 | 002,623,768 | ---- | M] (IBM Corp.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2015/02/12 09:59:54 | 001,919,256 | ---- | M] (IBM Corp.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2015/01/09 13:46:46 | 000,641,992 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2014/12/11 17:47:00 | 000,111,048 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2014/12/06 03:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/11/29 19:57:40 | 001,388,888 | ---- | M] (BitTorrent Inc.) -- C:\Users\indidginus\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2014/11/14 06:07:00 | 001,668,848 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2014/11/14 06:07:00 | 000,127,216 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2014/08/07 14:42:36 | 000,197,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
PRC - [2014/08/07 14:42:24 | 000,072,992 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2014/08/07 14:42:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2014/07/10 21:21:16 | 000,272,672 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2014/07/10 21:21:04 | 000,133,408 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2014/07/10 21:02:32 | 000,610,304 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2014/04/30 23:09:52 | 000,023,552 | ---- | M] (Fork Ltd.) -- C:\Tools\Prey\platform\windows\cronsvc.exe
PRC - [2014/04/08 22:29:36 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/04/01 15:45:20 | 000,126,512 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2014/03/06 23:53:26 | 002,925,760 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Tools\Process_Explorer\procexp.exe
PRC - [2013/09/05 10:54:46 | 001,361,256 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
PRC - [2013/09/05 10:53:06 | 001,112,936 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
PRC - [2013/07/18 01:44:30 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013/05/31 01:05:00 | 000,394,096 | ---- | M] (KORG Inc.) -- C:\Hardware\Korg\EsHelper2.exe
PRC - [2013/05/30 16:01:56 | 000,364,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/05/30 16:01:10 | 000,167,736 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/07 10:54:22 | 000,153,600 | ---- | M] (troubadix) -- C:\Hardware\TPFanControl\TPFanControl.exe
PRC - [2012/02/16 12:46:20 | 001,011,056 | ---- | M] (GFI Software Ltd.) -- C:\Tools\GFI_BackUp\GFIFInst.exe
PRC - [2012/02/16 12:46:18 | 002,664,816 | ---- | M] (GFI Software Ltd.) -- C:\Tools\GFI_BackUp\GFIFSched.exe
PRC - [2012/01/17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
PRC - [2010/08/31 07:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010/03/11 23:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/01/10 21:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (No Company Name) ==========

MOD - [2014/12/06 03:50:51 | 014,913,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
MOD - [2014/12/06 03:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
MOD - [2014/12/06 03:50:46 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
MOD - [2014/12/06 03:50:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
MOD - [2014/12/06 03:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
MOD - [2014/04/09 08:11:18 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2014/03/23 16:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/12/11 17:47:00 | 000,111,048 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2014/11/14 05:36:32 | 000,084,208 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2014/10/16 17:13:48 | 000,272,776 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe -- (LSCWinService)
SRV:64bit: - [2014/08/18 15:13:34 | 003,817,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2014/08/18 15:13:18 | 000,265,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2014/08/18 15:13:06 | 000,632,528 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2014/08/18 15:12:42 | 000,154,832 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2014/08/07 14:42:36 | 000,197,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
SRV:64bit: - [2014/08/07 14:42:24 | 000,072,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2014/08/07 14:42:00 | 000,059,168 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2014/07/09 16:52:26 | 010,571,056 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2014/07/08 17:51:34 | 000,115,184 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2014/06/10 11:15:44 | 000,124,400 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2014/04/01 15:45:20 | 000,126,512 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2013/06/20 16:49:36 | 000,049,920 | ---- | M] (Lenovo.) [Disabled | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/14 12:28:44 | 001,008,344 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2013/01/08 08:03:24 | 000,107,944 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe -- (ExpressCache)
SRV:64bit: - [2012/12/10 14:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2012/12/10 14:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/05/30 13:11:34 | 000,149,544 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2012/05/11 00:45:58 | 000,143,936 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2011/12/05 14:02:44 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Disabled | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/02/19 21:43:20 | 003,411,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015/02/19 21:37:34 | 000,308,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2015/02/12 09:59:54 | 001,919,256 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2015/01/31 22:56:45 | 000,114,800 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/01/15 17:40:58 | 000,049,648 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2015/01/15 11:37:50 | 000,619,776 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Lenovo\easyplussdk\bin\EPHotspot64.exe -- (Lenovo EasyPlus Hotspot)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/14 06:07:00 | 001,668,848 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2014/11/14 06:07:00 | 001,664,752 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2014/11/14 06:07:00 | 000,319,536 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2014/07/10 21:21:16 | 000,272,672 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2014/07/10 21:21:04 | 000,133,408 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2014/04/30 23:09:52 | 000,023,552 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Tools\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/04/08 22:29:36 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/11/01 08:10:30 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/09/05 16:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/30 16:01:56 | 000,364,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/05/30 16:01:10 | 000,167,736 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/09/03 12:52:48 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/04/19 09:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2012/02/16 12:46:20 | 001,011,056 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Tools\GFI_BackUp\GFIFInst.exe -- (GFIBckFAtt)
SRV - [2012/02/16 12:46:18 | 002,664,816 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Tools\GFI_BackUp\GFIFSched.exe -- (GFIBckFSched)
SRV - [2012/01/17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService)
SRV - [2011/03/24 13:24:58 | 000,095,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Tools\SandBoxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/08/31 07:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010/03/11 23:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/10 21:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/02/19 21:26:58 | 000,270,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2015/02/12 10:00:04 | 000,535,576 | ---- | M] (IBM Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2015/02/03 10:47:26 | 000,341,472 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2015/01/23 09:42:12 | 000,133,088 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2015/01/16 11:17:44 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/11/21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014/11/18 21:42:04 | 000,203,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/11/14 06:07:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2014/11/14 06:07:00 | 000,020,736 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2014/11/14 05:36:32 | 000,060,112 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2014/08/28 21:47:24 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/07/28 12:25:34 | 000,461,552 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2014/07/28 12:25:34 | 000,045,296 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/07/10 07:28:16 | 000,046,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbIo_x64_7.6.56275.0.sys -- (DisplayLinkUsbIo_x64)
DRV:64bit: - [2014/07/09 16:56:02 | 000,435,504 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2014/07/09 16:56:02 | 000,018,736 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2014/07/01 07:50:14 | 011,524,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2014/06/27 18:12:04 | 000,495,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2014/06/18 21:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/18 21:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/06/16 08:01:38 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/06/16 08:01:38 | 000,110,336 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/04/09 08:11:18 | 000,300,320 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2014/04/09 08:11:18 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/11/16 04:59:44 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/11/16 04:59:40 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013/11/11 18:28:44 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/11/11 18:28:44 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/07/18 01:43:40 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013/07/18 01:43:40 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013/07/18 01:43:40 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/06/20 19:36:54 | 000,206,744 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2013/06/20 16:49:36 | 000,150,272 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2013/06/20 16:49:36 | 000,025,856 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2013/05/31 01:14:00 | 000,034,136 | ---- | M] (KORG INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KORGUM64.SYS -- (KORGUMDS)
DRV:64bit: - [2013/05/13 15:15:06 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/03/27 04:50:20 | 000,170,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/01/08 08:03:30 | 000,112,552 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)
DRV:64bit: - [2013/01/08 08:03:30 | 000,026,024 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)
DRV:64bit: - [2012/12/04 04:38:26 | 000,598,808 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012/09/03 12:52:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/04 21:38:52 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/04 21:35:45 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2012/07/04 21:35:45 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2012/05/30 13:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/05/30 13:10:50 | 000,016,168 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2012/05/02 07:18:28 | 000,184,144 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012/03/27 01:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2012/03/06 12:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012/03/06 12:29:38 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012/02/17 01:19:42 | 000,216,064 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2011/12/26 11:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011/12/08 23:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/12/08 23:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/12/08 03:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
DRV:64bit: - [2011/10/31 15:22:34 | 000,053,080 | ---- | M] (Focusrite Audio Engineering Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ffusbaudio.sys -- (FFUsbAudio)
DRV:64bit: - [2011/09/18 01:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/29 12:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2011/05/26 02:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/10/13 03:21:00 | 000,016,080 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVicPort64.sys -- (TVicPort64)
DRV - [2015/02/24 08:46:11 | 000,844,440 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys -- (RapportCerberus_80128)
DRV - [2015/02/12 10:00:04 | 000,558,872 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2015/02/12 10:00:04 | 000,445,816 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2013/07/18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011/03/24 13:24:54 | 000,148,072 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Tools\SandBoxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Tools\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ng}&rlz=1I7LENP
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.uk"
FF - prefs.js..extensions.enabledAddons: %7BF74D5734-46F5-4B16-96F0-1E7FBF41B750%7D:4.40
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88: C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]om: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012/07/04 22:07:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Web_and_Graphics\Adobe\CS5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/06/14 13:14:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/01/31 22:56:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Components: C:\Tools\Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Plugins: C:\Tools\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F74D5734-46F5-4B16-96F0-1E7FBF41B750}: C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2013/10/06 19:50:01 | 000,000,000 | ---D | M]

[2013/10/06 14:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\indidginus\AppData\Roaming\mozilla\Extensions
[2015/01/31 22:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\indidginus\AppData\Roaming\mozilla\Firefox\Profiles\n9xj2s3u.default\extensions
[2015/01/27 16:59:03 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\indidginus\AppData\Roaming\mozilla\Firefox\Profiles\n9xj2s3u.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2015/01/31 22:42:57 | 000,020,889 | ---- | M] () (No name found) -- C:\Users\indidginus\AppData\Roaming\mozilla\firefox\profiles\n9xj2s3u.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2015/01/27 16:57:12 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\indidginus\AppData\Roaming\mozilla\firefox\profiles\n9xj2s3u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/01/31 22:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/01/31 22:56:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/06 19:50:01 | 000,000,000 | ---D | M] (ThinkVantage Password Manager) -- C:\PROGRAM FILES (X86)\LENOVO\PASSWORD MANAGER\PWM FIREFOX EXTENSION\2.0B12
[2010/03/31 11:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll
[2010/04/08 12:35:52 | 009,822,960 | R--- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll
[2010/04/08 13:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.6_0\
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.11_0\
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiedkoafeodhiiccoclonninnkjbjnff\1.7.10_0\
CHR - Extension: No name found = C:\Users\indidginus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.151_0\

O1 HOSTS File: ([2013/10/21 20:07:52 | 000,003,811 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 33 more lines...
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [TPFanControl] C:\Hardware\TPFanControl\TPFanControl.exe (troubadix)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
O4 - HKLM..\Run: [KORG USB-MIDI Driver] C:\Hardware\Korg\EsHelper2.exe (KORG Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Tools\Microsoft\Office_2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Tools\Microsoft\Office_2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Tools\Microsoft\Office_2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: hola.org ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{355A6432-21D0-453D-9AE1-05C139089726}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E56FEA63-3B9C-427F-92BA-FA37368552E2}: DhcpNameServer = 10.0.0.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\TOOLS\PROCESS_EXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\TOOLS\PROCESS_EXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/10 19:32:30 | 000,000,000 | ---D | M] - F:\AUTORUN -- [ NTFS ]
O32 - AutoRun File - [2004/01/22 16:47:32 | 000,000,038 | R--- | M] () - F:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2012/10/30 18:04:46 | 000,000,000 | ---D | M] - G:\AUTORUN -- [ NTFS ]
O32 - AutoRun File - [2012/10/30 18:04:22 | 000,000,037 | R--- | M] () - G:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2011/12/15 05:05:40 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0f881343-2e34-11e3-97f0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0f881343-2e34-11e3-97f0-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011/12/15 05:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/02/28 17:21:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\indidginus\Desktop\OTL.exe
[2015/02/28 17:13:32 | 000,000,000 | ---D | C] -- C:\FRST
[2015/02/28 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\indidginus\Desktop\The.Water.Diviner.2014.HDRip
[2015/02/28 07:02:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/02/28 06:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
[2015/02/27 19:36:34 | 000,000,000 | ---D | C] -- C:\Users\indidginus\Desktop\Couriers
[2015/02/24 08:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
[2015/02/19 21:26:58 | 000,270,816 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2015/02/03 10:47:26 | 000,341,472 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2015/02/01 00:51:54 | 000,000,000 | ---D | C] -- C:\Users\indidginus\AppData\Roaming\SketchUp
[2015/02/01 00:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reprise
[2015/02/01 00:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SketchUp
[2015/02/01 00:30:38 | 000,000,000 | ---D | C] -- C:\Users\indidginus\Desktop\Garden_Shed_Build
[2015/01/31 22:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/01/31 11:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/01/31 10:46:58 | 000,000,000 | ---D | C] -- C:\Users\indidginus\Desktop\Outdoor_SoundProofing

========== Files - Modified Within 30 Days ==========

[2015/02/28 17:21:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\indidginus\Desktop\OTL.exe
[2015/02/28 17:08:22 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2015/02/28 16:33:39 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2015/02/28 16:12:09 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/28 16:07:34 | 000,034,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/28 16:07:34 | 000,034,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/28 16:04:27 | 000,787,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/28 16:04:27 | 000,670,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/28 16:04:27 | 000,127,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/28 15:58:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/28 15:58:42 | 1909,690,367 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/27 19:34:38 | 000,007,609 | ---- | M] () -- C:\Users\indidginus\Desktop\proof-1991-720p.torrent
[2015/02/26 19:08:13 | 000,001,456 | ---- | M] () -- C:\Users\indidginus\AppData\Local\Adobe Save for Web 12.0 Prefs
[2015/02/21 20:23:14 | 000,206,613 | ---- | M] () -- C:\Users\indidginus\Desktop\Roof Sheeting and Steel Products - Installation and Other Info.pdf
[2015/02/21 17:44:29 | 000,417,923 | ---- | M] () -- C:\Users\indidginus\Desktop\Inkulu Roofing Translucent Profiled Sheeting - Instructions.pdf
[2015/02/19 21:26:58 | 000,270,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2015/02/14 12:49:20 | 000,162,820 | ---- | M] () -- C:\Users\indidginus\Desktop\Bulbs_Disposal_Cape_Town.pdf
[2015/02/13 21:58:48 | 010,780,338 | ---- | M] () -- C:\Users\indidginus\Desktop\Shiva_Mahamrityunjaya_Mantra.mp3
[2015/02/13 21:51:40 | 000,395,539 | ---- | M] () -- C:\Users\indidginus\Desktop\Shiva_Mahamrityunjaya_Mantra.jpg
[2015/02/11 20:39:45 | 000,593,292 | ---- | M] () -- C:\Users\indidginus\Desktop\Installing Translucent Corrugated Roof Panels.pdf
[2015/02/11 10:32:49 | 007,672,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/08 20:06:17 | 000,069,652 | ---- | M] () -- C:\Users\indidginus\Desktop\Monthly_Load_Shedding_Schedule.pdf
[2015/02/03 10:47:26 | 000,341,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys

========== Files Created - No Company Name ==========

[2015/02/28 16:33:39 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2015/02/27 19:34:38 | 000,007,609 | ---- | C] () -- C:\Users\indidginus\Desktop\proof-1991-720p.torrent
[2015/02/21 17:44:29 | 000,417,923 | ---- | C] () -- C:\Users\indidginus\Desktop\Inkulu Roofing Translucent Profiled Sheeting - Instructions.pdf
[2015/02/21 17:14:09 | 000,206,613 | ---- | C] () -- C:\Users\indidginus\Desktop\Roof Sheeting and Steel Products - Installation and Other Info.pdf
[2015/02/14 12:49:19 | 000,162,820 | ---- | C] () -- C:\Users\indidginus\Desktop\Bulbs_Disposal_Cape_Town.pdf
[2015/02/14 11:06:11 | 000,395,539 | ---- | C] () -- C:\Users\indidginus\Desktop\Shiva_Mahamrityunjaya_Mantra.jpg
[2015/02/14 00:12:34 | 010,780,338 | ---- | C] () -- C:\Users\indidginus\Desktop\Shiva_Mahamrityunjaya_Mantra.mp3
[2015/02/11 20:39:44 | 000,593,292 | ---- | C] () -- C:\Users\indidginus\Desktop\Installing Translucent Corrugated Roof Panels.pdf
[2015/02/08 20:06:17 | 000,069,652 | ---- | C] () -- C:\Users\indidginus\Desktop\Monthly_Load_Shedding_Schedule.pdf
[2014/09/27 11:58:10 | 000,000,775 | ---- | C] () -- C:\Users\indidginus\AppData\Local\recently-used.xbel
[2014/09/27 11:47:20 | 000,000,132 | ---- | C] () -- C:\Users\indidginus\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2014/08/05 10:14:19 | 000,000,132 | ---- | C] () -- C:\Users\indidginus\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2014/06/04 15:30:12 | 000,036,585 | ---- | C] () -- C:\Users\indidginus\AppData\Roaming\Comma Separated Values (Windows).ADR
[2014/04/30 19:47:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2014/04/26 09:30:50 | 001,083,136 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/04/25 14:07:55 | 000,036,445 | ---- | C] () -- C:\Users\indidginus\AppData\Local\WiDiSetupLog.20140425.140755.wdl
[2014/04/24 14:51:10 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/10/23 17:26:22 | 000,001,456 | ---- | C] () -- C:\Users\indidginus\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/10/22 17:15:25 | 015,695,872 | ---- | C] () -- C:\Windows\SysWow64\SSL Channel Stereo.dll
[2013/10/22 17:15:25 | 013,545,472 | ---- | C] () -- C:\Windows\SysWow64\SSL X-Verb Stereo.dll
[2013/10/22 17:15:25 | 006,569,984 | ---- | C] () -- C:\Windows\SysWow64\SSL X-Eq Stereo.dll
[2013/10/22 17:15:25 | 006,569,984 | ---- | C] () -- C:\Windows\SysWow64\SSL X-Eq Mono.dll
[2013/10/22 17:15:25 | 006,217,728 | ---- | C] () -- C:\Windows\SysWow64\SSL X-Comp Stereo.dll
[2013/10/22 17:15:25 | 006,217,728 | ---- | C] () -- C:\Windows\SysWow64\SSL X-Comp Mono.dll
[2013/10/22 17:15:25 | 005,787,648 | ---- | C] () -- C:\Windows\SysWow64\SSL Drumstrip Stereo.dll
[2013/10/22 17:15:25 | 005,783,552 | ---- | C] () -- C:\Windows\SysWow64\SSL Drumstrip Mono.dll
[2013/10/22 17:15:25 | 005,079,040 | ---- | C] () -- C:\Windows\SysWow64\SSL Vocalstrip Stereo.dll
[2013/10/22 17:15:25 | 005,074,944 | ---- | C] () -- C:\Windows\SysWow64\SSL Vocalstrip Mono.dll
[2013/10/22 17:15:24 | 015,687,680 | ---- | C] () -- C:\Windows\SysWow64\SSL Channel Mono.dll
[2013/10/22 17:15:24 | 007,122,944 | ---- | C] () -- C:\Windows\SysWow64\SSL Bus Compressor Stereo.dll
[2013/10/22 17:15:24 | 007,122,944 | ---- | C] () -- C:\Windows\SysWow64\SSL Bus Compressor Mono.dll
[2013/10/22 17:15:24 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\FxShared.dll
[2013/10/22 17:15:24 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\com.fxpansion.fxshared.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\ssolekuy.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\ssoleht.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibtth.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibram.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibmmn.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibkh.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibfg.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibeh.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\solegeh.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\slibff.dll
[2013/10/22 17:02:55 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\slibddf.dll
[2013/10/22 17:02:54 | 000,002,756 | ---- | C] () -- C:\Windows\SysWow64\sslibjy.dll
[2013/10/22 17:02:50 | 000,678,746 | ---- | C] () -- C:\Windows\unins000.exe
[2013/10/22 17:02:50 | 000,024,372 | ---- | C] () -- C:\Windows\unins000.dat
[2013/10/22 16:53:14 | 006,613,504 | ---- | C] () -- C:\Windows\SysWow64\PSP VintageWarmer2.dll
[2013/10/22 16:53:14 | 006,573,568 | ---- | C] () -- C:\Windows\SysWow64\PSP MicroWarmer.dll
[2013/10/22 16:53:13 | 006,605,312 | ---- | C] () -- C:\Windows\SysWow64\PSP VintageWarmer.dll
[2013/10/22 16:16:55 | 000,833,180 | ---- | C] () -- C:\Windows\Replicant VST plug-in Uninstaller.exe
[2013/10/22 16:15:40 | 000,833,159 | ---- | C] () -- C:\Windows\PhaseTwo VST plug-in Uninstaller.exe
[2013/10/21 20:33:46 | 000,036,864 | ---- | C] () -- C:\Windows\Algouinstall.exe
[2013/10/21 18:15:43 | 000,001,784 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/10/21 17:50:52 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013/10/21 17:50:52 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013/10/21 15:49:35 | 000,034,505 | ---- | C] () -- C:\Users\indidginus\AppData\Local\WiDiSetupLog.20131021.154935.wdl
[2013/10/06 01:44:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/10/06 01:39:19 | 000,756,084 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013/10/06 01:39:19 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2013/10/05 20:41:21 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/22 12:25:17 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Ableton
[2014/06/22 18:12:38 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Amazon
[2013/10/22 16:00:18 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Antares
[2014/10/20 08:58:52 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\AVG2015
[2015/02/28 17:28:17 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\BitTorrent
[2014/04/26 09:29:25 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\chc
[2014/04/26 09:29:24 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/10/18 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\inkscape
[2013/10/22 16:35:27 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\iZotope
[2013/10/21 16:21:30 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Korg
[2013/10/05 20:44:26 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Leadertech
[2014/04/25 10:21:12 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Lenovo
[2013/10/22 16:46:44 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Lexicon PCM Native
[2014/12/29 23:54:24 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Mp3tag
[2014/04/24 14:24:36 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\MPC-HC
[2014/09/25 18:25:48 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\OpenOffice
[2014/05/04 16:09:45 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Oracle
[2013/10/21 20:19:38 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\PACE Anti-Piracy
[2013/10/22 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Plugin Alliance
[2013/10/22 11:40:24 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Publish Providers
[2013/10/06 01:24:04 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\PwrMgr
[2015/02/27 22:19:39 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\QuickScan
[2014/12/28 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Samsung
[2015/02/01 00:51:54 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\SketchUp
[2013/10/22 11:40:27 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Sony
[2013/10/22 18:02:43 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\SPL Plug-Ins
[2013/10/21 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/10/22 13:30:33 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Steinberg
[2014/05/14 18:34:38 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\TagScanner
[2014/06/05 13:41:57 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Thunderbird
[2013/10/05 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\TuneUp Software
[2013/10/28 13:50:33 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Ulead Systems
[2013/10/22 12:49:15 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\VST3 Presets
[2013/10/22 19:08:11 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Waves
[2013/10/22 18:44:59 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Waves Audio
[2013/10/22 19:08:19 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Waves Preferences
[2013/10/27 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\indidginus\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
