Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
I have the Avira antivirus software on my laptop. However, whenever I try to update the antivirus, it doesn't start at all and hangs. The longest record was over two hours.
I have read on the forums that it could be a virus issue. However, I require some guidance on removing the possible case of malware as I am quite illiterate with these complex problems.
I currently run Windows 8.1 on my laptop.
Here are my logs.
OTL logfile created on: 7/12/2013 11:16:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\COLIN\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
11.92 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 27.61% Memory free
14.30 Gb Paging File | 3.95 Gb Available in Paging File | 27.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117.85 Gb Total Space | 9.55 Gb Free Space | 8.10% Space Free | Partition Type: NTFS
Drive D: | 679.38 Gb Total Space | 577.59 Gb Free Space | 85.02% Space Free | Partition Type: NTFS
Computer Name: COLIN-NB | User Name: COLIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\COLIN\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - D:\Origin\Origin.exe (Electronic Arts)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
PRC - C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Advanced SystemCare 6\Monitor.exe (IObit)
PRC - C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\SCM\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - D:\Advanced SystemCare 6\ASCTray.exe (IObit)
PRC - D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - D:\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
PRC - C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Gaming Mouse\Monitor.EXE ()
PRC - C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE ()
PRC - C:\Program Files (x86)\Gaming Mouse\OSD.exe ()
PRC - C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe ()
PRC - C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe ()
PRC - C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - D:\Advanced SystemCare 6\madexcept_.bpl ()
MOD - D:\Advanced SystemCare 6\maddisAsm_.bpl ()
MOD - D:\Advanced SystemCare 6\madbasic_.bpl ()
MOD - D:\Advanced SystemCare 6\webres.dll ()
MOD - C:\Program Files (x86)\Gaming Mouse\Monitor.EXE ()
MOD - C:\Program Files (x86)\Gaming Mouse\hiddriver.dll ()
MOD - C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE ()
MOD - C:\Program Files (x86)\Gaming Mouse\OSD.exe ()
MOD - C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe ()
MOD - C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe ()
MOD - C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE ()
MOD - C:\Program Files (x86)\Gaming Mouse\lan.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe ()
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
SRV - (vToolbarUpdater17.1.2) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (AVG Secure Search)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (APNMCP) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
SRV - (NAT) -- C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe (Symantec Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (RzMaelstromVADStreamingService) -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe (A-Volute)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\SCM\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (MBAMService) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (BstHdLogRotatorSvc) -- c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- c:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (PCCUJobMgr) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe (Symantec Corporation)
SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe (Symantec Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (RZMAELSTROMVADService) -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\010A000.009\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bwcW8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (Ke2200) -- C:\Windows\SysNative\drivers\e22w8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (akw8x64) -- C:\Windows\SysNative\drivers\akw8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\drivers\NARAx64\0403000.00E\ccSetx64.sys (Symantec Corporation)
DRV - (ipadtst) -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys (Windows ® Win 7 DDK provider)
DRV - (BstHdDrv) -- c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {96272E66-CB1C-40DB-B50F-C0482AFD4093}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.as...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{96272E66-CB1C-40DB-B50F-C0482AFD4093}: "URL" = http://www.bing.com/...10TR&pc=MAMIJS;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {96272E66-CB1C-40DB-B50F-C0482AFD4093}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKLM\..\SearchScopes\{96272E66-CB1C-40DB-B50F-C0482AFD4093}: "URL" = http://www.bing.com/...10TR&pc=MAMIJS;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...v=a9397-147&t=4
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: D:\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Ask Toolbar = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0\
CHR - Extension: Google Translate = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0\
CHR - Extension: Google Docs = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AVG Secure Search = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Google Wallet = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\COLIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/08/22 21:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\bin\ssv.dll File not found
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MBCfg64] C:\WINDOWS\SysNative\MBCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Radio Manager] C:\Program Files (x86)\SCM\Radio Manager.exe (MSI)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlueStacks Agent] c:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Gaming Mouse Driver] C:\Program Files (x86)\Gaming Mouse\Monitor.EXE ()
O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [Sound Blaster Cinema] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Advanced SystemCare 6] D:\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{105FE3EB-FC4A-41A8-B8A8-C81F44FAA953}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL) - File not found
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~2\movies~1\safety~1\safety~2.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/07 22:41:24 | 000,033,726 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/12/07 22:48:33 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\COLIN\Desktop\TDSSKiller.exe
[2013/12/07 15:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/12/07 15:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/11/19 19:18:39 | 000,114,608 | ---- | C] (Avira GmbH) -- C:\WINDOWS\SysNative\drivers\avfwim.sys
[2013/11/17 11:47:25 | 002,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013/11/17 11:47:25 | 001,085,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013/11/17 11:47:25 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013/11/17 11:47:14 | 018,577,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/11/17 11:47:13 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/11/17 11:47:12 | 013,176,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/11/17 11:47:12 | 011,674,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/11/17 11:47:06 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2013/11/17 11:47:03 | 006,639,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013/11/17 11:47:01 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/11/17 11:47:01 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013/11/17 11:47:00 | 004,104,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/11/17 11:47:00 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/11/17 11:47:00 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/11/17 11:46:59 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013/11/17 11:46:59 | 002,328,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/11/17 11:46:59 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013/11/17 11:46:59 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/11/17 11:46:59 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013/11/17 11:46:59 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013/11/17 11:46:58 | 002,065,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013/11/17 11:46:58 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/11/17 11:46:58 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013/11/17 11:46:58 | 001,067,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013/11/17 11:46:58 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013/11/17 11:46:58 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013/11/17 11:46:58 | 000,883,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013/11/17 11:46:57 | 002,134,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2013/11/17 11:46:57 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013/11/17 11:46:57 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/11/17 11:46:57 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/11/17 11:46:57 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/11/17 11:46:57 | 000,481,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013/11/17 11:46:57 | 000,380,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013/11/17 11:46:56 | 004,599,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013/11/17 11:46:56 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013/11/17 11:46:56 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013/11/17 11:46:56 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013/11/17 11:46:56 | 000,699,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013/11/17 11:46:56 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/11/17 11:46:55 | 001,373,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013/11/17 11:46:55 | 001,011,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2013/11/17 11:46:55 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013/11/17 11:46:55 | 000,708,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013/11/17 11:46:55 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2013/11/17 11:46:55 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013/11/17 11:46:54 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013/11/17 11:46:54 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2013/11/17 11:46:54 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2013/11/17 11:46:54 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2013/11/17 11:46:53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2013/11/17 11:46:53 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2013/11/17 11:46:53 | 000,465,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013/11/17 11:46:53 | 000,391,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2013/11/17 11:46:53 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2013/11/17 11:46:53 | 000,171,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_8086.dll
[2013/11/17 11:46:53 | 000,031,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2013/11/17 11:46:52 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2013/11/17 11:46:52 | 000,345,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2013/11/17 11:46:52 | 000,317,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013/11/17 11:46:52 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2013/11/17 11:46:52 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013/11/17 11:46:52 | 000,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013/11/17 11:46:52 | 000,088,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013/11/17 11:46:51 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013/11/17 11:46:51 | 000,371,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/11/17 11:46:51 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2013/11/17 11:46:51 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msched.dll
[2013/11/17 11:46:50 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013/11/17 11:46:50 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013/11/17 11:46:50 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2013/11/17 11:46:50 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2013/11/17 11:46:50 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2013/11/17 11:46:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2013/11/17 11:46:50 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2013/11/17 11:46:50 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013/11/17 11:46:50 | 000,044,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2013/11/17 11:46:50 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/11/17 11:46:49 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013/11/17 11:46:49 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013/11/17 11:46:49 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013/11/17 11:46:49 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2013/11/17 11:46:49 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2013/11/17 11:46:49 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2013/11/17 11:46:49 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2013/11/17 11:46:49 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2013/11/17 11:46:49 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2013/11/17 11:46:49 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2013/11/17 11:46:48 | 001,704,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013/11/17 11:46:48 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/11/17 11:46:48 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/11/17 11:46:48 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013/11/17 11:46:48 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/17 11:46:48 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013/11/17 11:46:48 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/11/17 11:46:48 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013/11/17 11:46:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ftp.exe
[2013/11/17 11:46:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ftp.exe
[2013/11/17 11:46:47 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013/11/17 11:46:47 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013/11/17 11:46:47 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013/11/13 15:25:04 | 001,341,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013/11/13 15:25:03 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013/11/13 15:24:59 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/11/13 15:24:59 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013/11/13 15:24:59 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013/11/13 15:24:59 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013/11/13 15:24:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2013/11/13 15:24:26 | 001,943,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013/11/12 19:41:55 | 000,000,000 | ---D | C] -- C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IAHGames
[2013/11/12 19:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IAHGames
[2013/11/12 19:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IAHGames
[2013/11/10 16:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFIGames
[2013/11/10 16:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DFIGames
[2013/11/10 15:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/10 15:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/10 15:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/10 15:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
========== Files - Modified Within 30 Days ==========
[2013/12/07 23:17:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/07 22:41:22 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/12/07 22:41:22 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/07 22:41:05 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/07 18:37:35 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/22 15:08:12 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/22 15:08:12 | 000,736,970 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/22 15:08:12 | 000,140,352 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/22 15:01:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/22 15:01:50 | 1650,687,998 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/19 19:18:42 | 000,000,040 | ---- | M] () -- C:\WINDOWS\SysNative\InstallationInfs
[2013/11/19 19:18:26 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avipbb.sys
[2013/11/19 19:18:26 | 000,114,608 | ---- | M] (Avira GmbH) -- C:\WINDOWS\SysNative\drivers\avfwim.sys
[2013/11/19 19:18:26 | 000,106,904 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avgntflt.sys
[2013/11/17 21:21:08 | 000,002,313 | ---- | M] () -- C:\Users\COLIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/17 21:20:36 | 000,388,768 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/11/11 14:49:50 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2013/11/11 14:07:14 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/10 16:13:40 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\SpecialForce.lnk
[2013/11/10 15:40:38 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
========== Files Created - No Company Name ==========
[2013/11/19 19:18:42 | 000,000,040 | ---- | C] () -- C:\WINDOWS\SysNative\InstallationInfs
[2013/11/17 11:46:50 | 000,385,528 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013/11/10 16:13:40 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\SpecialForce.lnk
[2013/11/10 15:40:38 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/09/10 01:40:01 | 000,215,416 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2013/09/10 01:39:57 | 002,434,856 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2013/09/10 01:39:57 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013/08/22 23:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 23:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 22:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 15:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 11:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 11:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 07:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 07:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/27 02:44:30 | 000,008,570 | ---- | C] () -- C:\WINDOWS\SysWow64\MBCfg32.ini
[2013/06/27 02:44:30 | 000,005,856 | ---- | C] () -- C:\WINDOWS\SysWow64\MBCfgUninstall32.ini
[2013/06/27 02:44:30 | 000,002,835 | ---- | C] () -- C:\WINDOWS\MBCfg_SP_APOIM.ini
[2013/06/27 02:44:30 | 000,002,783 | ---- | C] () -- C:\WINDOWS\MBCfg_APOIM.ini
[2013/06/27 02:44:30 | 000,002,747 | ---- | C] () -- C:\WINDOWS\MBCfg_HP_APOIM.ini
[2013/06/27 02:44:29 | 000,246,272 | ---- | C] () -- C:\WINDOWS\SysWow64\APOMngr.DLL
[2013/06/27 02:44:29 | 000,074,240 | ---- | C] () -- C:\WINDOWS\SysWow64\CmdRtr.DLL
[2013/06/27 02:25:30 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/05/14 01:47:10 | 000,255,392 | ---- | C] () -- C:\WINDOWS\SysWow64\DeviceCount.exe
[2013/02/14 03:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/07/26 04:22:56 | 000,733,840 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012/07/26 04:22:56 | 000,492,340 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/06 04:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/06 02:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 17:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 10:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 17:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/09/10 00:37:12 | 000,000,000 | ---D | M] -- C:\Users\COLIN\AppData\Roaming\IObit
[2013/09/10 00:43:54 | 000,000,000 | ---D | M] -- C:\Users\COLIN\AppData\Roaming\Origin
[2013/09/23 12:45:31 | 000,000,000 | ---D | M] -- C:\Users\COLIN\AppData\Roaming\Ubisoft
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2013/09/30 11:48:10 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2013/06/18 22:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2013/10/22 14:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013/10/22 14:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/11/17 22:06:37 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013/10/22 15:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013/10/22 15:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013/11/17 22:12:17 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2013/09/30 11:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\en-US\explorer.exe.mui
[2013/09/30 11:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2013/09/30 11:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/09/30 11:47:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui
< MD5 for: EXPLORER.EXE-03C49D11.PF >
[2013/12/07 22:41:22 | 000,288,540 | ---- | M] () MD5=11C2881A4B68112D2296E79503542C19 -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
< MD5 for: IEXPLORE.EXE >
[2013/08/22 20:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/08/22 20:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
[2013/08/22 13:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/08/22 13:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/09/30 11:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/30 11:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/09/30 11:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/09/30 11:48:12 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-7A9337F2.PF >
[2013/11/12 12:21:12 | 000,151,870 | ---- | M] () MD5=0D63AB9D224E156ED46624CD69BA7554 -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF >
[2013/11/12 12:21:13 | 000,234,916 | ---- | M] () MD5=7E31A1E6DB23A7FA5867992CAA21D9A5 -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML >
[2013/06/18 22:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 22:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
< MD5 for: SERVICES >
[2013/08/22 23:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
< MD5 for: SERVICES.CFG >
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/09/05 22:04:00 | 000,559,090 | ---- | M] () MD5=8ADD48E413D05BF2E7AEC00173DDFABC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.EXE >
[2013/08/22 21:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013/08/22 21:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2013/09/30 11:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2013/09/30 11:47:46 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
< MD5 for: SERVICES.JS >
[2013/11/21 19:43:50 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.299_x64__8wekyb3d8bbwe\common\js\services.js
[2013/11/21 19:43:50 | 000,095,613 | ---- | M] () MD5=7453C7FF6D8422AB7B0D6000AA8885C9 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.1.321_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/20 20:28:16 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.1.201_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/20 20:28:16 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/20 20:28:16 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/20 20:28:16 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe\common\js\services.js
[2013/10/20 20:29:10 | 000,095,331 | ---- | M] () MD5=FAA0FC80FCDDF0B163707F352BEA3C36 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.1.203_x64__8wekyb3d8bbwe\common\js\services.js
< MD5 for: SERVICES.LNK >
[2013/08/22 14:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 14:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 14:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
< MD5 for: SERVICES.MOF >
[2013/06/18 22:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 22:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
< MD5 for: SERVICES.MSC >
[2013/09/30 11:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 22:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2013/09/30 11:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 20:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/09/30 11:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 22:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 20:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/09/30 11:47:49 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
< MD5 for: SERVICES.PTXML >
[2013/08/22 14:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 14:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2013/09/30 12:18:27 | 000,002,631 | ---- | M] () MD5=3FC16D999444A213C04297050F42DA07 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2013/08/22 22:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2013/08/22 17:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 17:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2013/09/30 11:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2013/09/30 11:48:02 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
< MD5 for: WINLOGON.EXE-0D9AB72B.PF >
[2013/12/07 22:41:05 | 000,030,382 | ---- | M] () MD5=4CC8C908DC8F8F29E94262C9C947105B -- C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
< MD5 for: WINLOGON.MFL >
[2013/09/30 11:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2013/09/30 11:48:02 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2013/08/22 14:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/22 14:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013/12/07 22:41:24 | 000,033,726 | ---- | M] () -- C:\autoupdate.log
[2012/07/26 11:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2013/06/18 20:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013/11/22 15:01:50 | 1650,687,998 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/09 13:29:20 | 000,000,000 | ---- | M] () -- C:\LICENSE.txt
[2013/12/07 19:03:27 | 2558,504,960 | -HS- | M] () -- C:\pagefile.sys
[2013/09/13 14:33:50 | 000,002,520 | ---- | M] () -- C:\RHDSetup.log
[2013/05/08 10:30:49 | 000,000,000 | ---- | M] () -- C:\setup.exe
[2013/11/22 15:01:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/12/07 22:50:39 | 000,160,866 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_07.12.2013_22.48.44_log.txt
[2013/12/07 23:07:46 | 000,160,862 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_07.12.2013_23.07.32_log.txt
[2013/12/07 23:11:43 | 000,160,862 | ---- | M] () -- C:\TDSSKiller.2.8.16.0_07.12.2013_23.10.29_log.txt
< %systemroot%\Fonts\*.com >
[2013/10/20 11:33:32 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013/10/20 11:33:32 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013/10/20 11:33:32 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013/10/20 11:33:32 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2013/08/22 23:35:03 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012/09/13 07:57:44 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2013/08/22 23:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS_Install
Volume Serial Number is 6E05-3850
Directory of C:\
22/08/2013 10:45 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
22/08/2013 10:45 PM <JUNCTION> Application Data [C:\ProgramData]
22/08/2013 10:45 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/08/2013 10:45 PM <JUNCTION> Documents [C:\Users\Public\Documents]
22/08/2013 10:45 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013 10:45 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
22/08/2013 10:45 PM <SYMLINKD> All Users [C:\ProgramData]
22/08/2013 10:45 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
22/08/2013 10:45 PM <JUNCTION> Application Data [C:\ProgramData]
22/08/2013 10:45 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/08/2013 10:45 PM <JUNCTION> Documents [C:\Users\Public\Documents]
22/08/2013 10:45 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013 10:45 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\COLIN
19/10/2013 07:38 PM <JUNCTION> Application Data [C:\Users\COLIN\AppData\Roaming]
19/10/2013 07:38 PM <JUNCTION> Cookies [C:\Users\COLIN\AppData\Local\Microsoft\Windows\INetCookies]
19/10/2013 07:38 PM <JUNCTION> Local Settings [C:\Users\COLIN\AppData\Local]
19/10/2013 07:38 PM <JUNCTION> My Documents [C:\Users\COLIN\Documents]
19/10/2013 07:38 PM <JUNCTION> NetHood [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19/10/2013 07:38 PM <JUNCTION> PrintHood [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/10/2013 07:38 PM <JUNCTION> Recent [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Recent]
19/10/2013 07:38 PM <JUNCTION> SendTo [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\SendTo]
19/10/2013 07:38 PM <JUNCTION> Start Menu [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Start Menu]
19/10/2013 07:38 PM <JUNCTION> Templates [C:\Users\COLIN\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\COLIN\AppData\Local
19/10/2013 07:38 PM <JUNCTION> Application Data [C:\Users\COLIN\AppData\Local]
19/10/2013 07:38 PM <JUNCTION> History [C:\Users\COLIN\AppData\Local\Microsoft\Windows\History]
19/10/2013 07:38 PM <JUNCTION> Temporary Internet Files [C:\Users\COLIN\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\COLIN\AppData\Local\Microsoft\Windows
19/10/2013 07:38 PM <JUNCTION> Temporary Internet Files [C:\Users\COLIN\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\COLIN\AppData\Local\Microsoft\Windows\INetCache
19/10/2013 07:45 PM <JUNCTION> Content.IE5 [C:\Users\COLIN\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Users\COLIN\Documents
19/10/2013 07:38 PM <JUNCTION> My Music [C:\Users\COLIN\Music]
19/10/2013 07:38 PM <JUNCTION> My Pictures [C:\Users\COLIN\Pictures]
19/10/2013 07:38 PM <JUNCTION> My Videos [C:\Users\COLIN\Videos]
0 File(s) 0 bytes
Directory of C:\Users\COLIN\SkyDrive\Documents
21/04/2012 05:29 PM (840,096) _2012April21165308.rpl
1 File(s) 840,096 bytes
Directory of C:\Users\Default
22/08/2013 10:45 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
22/08/2013 10:45 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
22/08/2013 10:45 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
22/08/2013 10:45 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
22/08/2013 10:45 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/08/2013 10:45 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/08/2013 10:45 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
22/08/2013 10:45 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/08/2013 10:45 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/08/2013 10:45 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
22/08/2013 10:45 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
22/08/2013 10:45 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
22/08/2013 10:45 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
22/08/2013 10:45 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
22/08/2013 10:45 PM <JUNCTION> My Music [C:\Users\Default\Music]
22/08/2013 10:45 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
22/08/2013 10:45 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default.migrated\Documents
26/07/2012 03:22 PM <JUNCTION> My Music [C:\Users\Default\Music]
26/07/2012 03:22 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
26/07/2012 03:22 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
22/08/2013 10:45 PM <JUNCTION> My Music [C:\Users\Public\Music]
22/08/2013 10:45 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
22/08/2013 10:45 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
19/10/2013 07:38 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
19/10/2013 07:38 PM <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCookies]
19/10/2013 07:38 PM <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
19/10/2013 07:38 PM <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
19/10/2013 07:38 PM <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19/10/2013 07:38 PM <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/10/2013 07:38 PM <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
19/10/2013 07:38 PM <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
19/10/2013 07:38 PM <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
19/10/2013 07:38 PM <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
19/10/2013 07:38 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
19/10/2013 07:38 PM <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
19/10/2013 07:38 PM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows
19/10/2013 07:38 PM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
19/10/2013 07:38 PM <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
19/10/2013 07:38 PM <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
19/10/2013 07:38 PM <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
19/10/2013 07:48 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
19/10/2013 07:48 PM <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Total Files Listed:
1 File(s) 840,096 bytes
73 Dir(s) 10,253,029,376 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/09/08 17:27:31 | 000,000,223 | -HS- | M] () -- C:\Users\COLIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/08/22 23:35:52 | 000,000,148 | -HS- | M] () -- C:\Users\COLIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2013/02/11 18:51:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\COLIN\Desktop\TDSSKiller.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Files - Unicode (All) ==========
[2013/09/26 09:27:58 | 097,892,804 | ---- | M] ()(C:\WINDOWS\SysWow64\??LG) -- C:\WINDOWS\SysWow64\졖從LĠ
[2013/09/26 09:27:58 | 097,892,804 | ---- | C] ()(C:\WINDOWS\SysWow64\??LG) -- C:\WINDOWS\SysWow64\졖從LĠ
[2013/09/20 10:26:33 | 098,443,620 | ---- | M] ()(C:\WINDOWS\SysWow64\???******;?) -- C:\WINDOWS\SysWow64\᯾矉嵸******;߿
[2013/09/19 20:19:13 | 098,443,620 | ---- | C] ()(C:\WINDOWS\SysWow64\???******;?) -- C:\WINDOWS\SysWow64\᯾矉嵸******;߿
[2013/09/19 16:53:49 | 098,343,078 | ---- | M] ()(C:\WINDOWS\SysWow64\??Lû) -- C:\WINDOWS\SysWow64\烰驀Lû
[2013/09/19 14:53:43 | 098,343,078 | ---- | C] ()(C:\WINDOWS\SysWow64\??Lû) -- C:\WINDOWS\SysWow64\烰驀Lû
[2013/09/18 12:07:54 | 098,106,403 | ---- | M] ()(C:\WINDOWS\SysWow64\???-?) -- C:\WINDOWS\SysWow64\᯾瞸鰐-߿
[2013/09/16 11:08:15 | 098,106,403 | ---- | C] ()(C:\WINDOWS\SysWow64\???-?) -- C:\WINDOWS\SysWow64\᯾瞸鰐-߿
========== Alternate Data Streams ==========
@Alternate Data Stream - 216 bytes -> C:\Users\COLIN\SkyDrive:ms-properties
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:21 PM, on 7/12/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal
Running processes:
D:\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
D:\Advanced SystemCare 6\ASCTray.exe
D:\Origin\Origin.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\MSI\KLM\KLM.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
C:\Program Files (x86)\Gaming Mouse\Monitor.EXE
C:\Program Files (x86)\Gaming Mouse\OSD.exe
C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe
C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE
C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe
C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\program files (x86)\avira\antivir desktop\ipmGui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\COLIN\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...v=a9397-147&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\bin\ssv.dll (file missing)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - D:\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll (file missing)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [BlueStacks Agent] c:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Gaming Mouse Driver] "C:\Program Files (x86)\Gaming Mouse\Monitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Advanced SystemCare 6] "D:\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EADM] "D:\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Global Startup: Qualcomm Atheros Killer Network Manager.lnk = C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\movies~1\safety~1\safety~2.dll, C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - c:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: Norton Anti-Theft (NAT) - Symantec Corporation - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.1.2 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 15421 bytes
Edited by ContouredSaber, 07 December 2013 - 09:32 AM.
