Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Problems downloading Anti-virus [Closed]


  • This topic is locked This topic is locked
2 replies to this topic

#1 nickhigh91

nickhigh91

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 06 April 2014 - 10:19 AM

I've been having problems downloading anti-virus as well as other programs possible malware

 

OTL logfile created on: 4/6/2014 11:03:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\nicho_000\Downloads
64bit- An unknown product  (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.91 Gb Total Physical Memory | 7.14 Gb Available Physical Memory | 90.21% Memory free
9.79 Gb Paging File | 9.08 Gb Available in Paging File | 92.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.47 Gb Total Space | 870.88 Gb Free Space | 94.51% Space Free | Partition Type: NTFS
Drive E: | 29.88 Gb Total Space | 1.75 Gb Free Space | 5.85% Space Free | Partition Type: FAT32
 
Computer Name: SCR | User Name: nicho_000 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\nicho_000\Downloads\OTL.exe (OldTimer Tools)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (Toshiba Corporation)
SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (Avira.OE.ServiceHost) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (dts_apo_service) -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe ()
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (TODO: <Company name>)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (GFNEXSrv) -- C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe ()
SRV - (taisregispinger) -- C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe (Toshiba America Information Systems.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\drivers\Thotkey.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (ccSet_NAT) -- C:\Windows\SysNative\drivers\NATx64\010A000.009\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (PEGAGFN) -- C:\Program Files (x86)\Toshiba\PasswordUtility\PEGAGFN.sys (PEGATRON)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AC9AF6F2-8E48-4D93-9C24-2971E444582B}
IE:64bit: - HKLM\..\SearchScopes\{AC9AF6F2-8E48-4D93-9C24-2971E444582B}: "URL" = http://www.bing.com/...=IE11TR&pc=TNJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {E8576BED-7896-4BD8-883F-F07C25BE770A}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{E8576BED-7896-4BD8-883F-F07C25BE770A}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Program%20Files%20(x86)/LPT/NewConfig.txt
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/04/05 14:35:17 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Create PDF = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\
CHR - Extension: Google Wallet = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\nicho_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TSSSrv] C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E059B74-55B8-4F01-BAF7-27395862F3D5}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6FD2862-8AAF-46B1-97C0-95680505BC0D}: DhcpNameServer = 75.75.76.76 75.75.75.75
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Bleeping Computer, LLC)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\blindman.exe: Debugger - nqij.exe File not found
O27:64bit: - HKLM IFEO\NAT.exe: Debugger - nqij.exe File not found
O27:64bit: - HKLM IFEO\SDFiles.exe: Debugger - nqij.exe File not found
O27:64bit: - HKLM IFEO\SDMain.exe: Debugger - nqij.exe File not found
O27:64bit: - HKLM IFEO\SDWinSec.exe: Debugger - nqij.exe File not found
O27 - HKLM IFEO\blindman.exe: Debugger - nqij.exe File not found
O27 - HKLM IFEO\NAT.exe: Debugger - nqij.exe File not found
O27 - HKLM IFEO\SDFiles.exe: Debugger - nqij.exe File not found
O27 - HKLM IFEO\SDMain.exe: Debugger - nqij.exe File not found
O27 - HKLM IFEO\SDWinSec.exe: Debugger - nqij.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/23 19:08:08 | 001,675,268 | ---- | M] () - E:\autoexec.bin -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/06 10:52:55 | 005,192,353 | ---- | C] (Swearware) -- C:\Users\nicho_000\Desktop\ComboFix (3).exe
[2014/04/06 10:33:29 | 000,084,720 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/04/06 02:41:30 | 000,131,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014/04/06 02:41:30 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014/04/06 02:41:29 | 000,108,440 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014/04/06 02:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/04/06 02:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014/04/06 02:36:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/04/06 02:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/04/06 02:25:59 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/04/06 02:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/04/06 02:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/04/06 02:15:20 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\Nik Software - Silver Efex Pro 2 v2.000 By Cool Release
[2014/04/05 22:25:58 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\premiere_pro_old_film_grain_by_rustystasiuk-d4yli66
[2014/04/05 19:06:53 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\Malwarebytes
[2014/04/05 19:06:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/04/05 19:06:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/04/05 18:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/05 18:59:15 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/05 18:59:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/05 18:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/05 18:55:58 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\rkill
[2014/04/05 18:42:52 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/04/05 18:14:44 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\ElevatedDiagnostics
[2014/04/05 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Diagnostics
[2014/04/05 17:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/05 17:57:02 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Programs
[2014/04/05 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\YappyzUninstall
[2014/04/05 17:36:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Windows Services
[2014/04/05 17:23:54 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Microsoft Help
[2014/04/05 17:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/04/05 17:17:52 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\ Angry_Birds
[2014/04/05 16:49:38 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\VSCO.Film.01.02.03.04.LR5
[2014/04/05 16:26:47 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\Windows Services
[2014/04/05 16:10:38 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\Adobe
[2014/04/05 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Documents\Adobe
[2014/04/05 16:05:56 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\NVIDIA
[2014/04/05 16:02:24 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\Adobe Crack CC All
[2014/04/05 15:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014/04/05 15:45:09 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Documents\Symantec
[2014/04/05 15:39:21 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\uTorrent
[2014/04/05 15:37:55 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\Torrent Files
[2014/04/05 15:35:36 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\Desktop\DLL Files Here
[2014/04/05 15:35:29 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\WinRAR
[2014/04/05 15:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
[2014/04/05 14:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2014/04/05 14:34:01 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\CrashDumps
[2014/04/05 12:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2014/04/05 12:51:54 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2014/04/05 11:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/04/05 11:44:36 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\Macromedia
[2014/04/05 08:47:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/04/05 08:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/04/05 08:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/04/05 07:56:35 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/04/05 07:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/04/05 07:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/04/05 07:36:15 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Adobe
[2014/04/05 07:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/04/05 07:26:26 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Google
[2014/04/05 07:20:49 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\SkyDrive
[2014/04/05 07:20:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/04/05 07:18:46 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\TOSHIBA
[2014/04/05 07:18:29 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\PackageStaging
[2014/04/05 07:17:39 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/05 07:17:39 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Searches
[2014/04/05 07:17:39 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/05 07:17:38 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Contacts
[2014/04/05 07:17:38 | 000,000,000 | -H-D | C] -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/05 07:17:15 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\Adobe
[2014/04/05 07:17:06 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\VirtualStore
[2014/04/05 07:16:22 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\WinBatch
[2014/04/05 07:16:13 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Packages
[2014/04/05 07:15:43 | 000,000,000 | --SD | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Videos
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Saved Games
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Pictures
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Music
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Links
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Favorites
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Downloads
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Documents
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\Desktop
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/05 07:15:43 | 000,000,000 | R--D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\AppData\Local\Temporary Internet Files
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Templates
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Start Menu
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\SendTo
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Recent
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\PrintHood
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\NetHood
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Documents\My Videos
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Documents\My Pictures
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Documents\My Music
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\My Documents
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Local Settings
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\AppData\Local\History
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Cookies
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\Application Data
[2014/04/05 07:15:43 | 000,000,000 | -HSD | C] -- C:\Users\nicho_000\AppData\Local\Application Data
[2014/04/05 07:15:43 | 000,000,000 | -H-D | C] -- C:\Users\nicho_000\AppData
[2014/04/05 07:15:43 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Temp
[2014/04/05 07:15:43 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Local\Microsoft
[2014/04/05 07:15:43 | 000,000,000 | ---D | C] -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/06 10:52:52 | 005,192,353 | ---- | M] (Swearware) -- C:\Users\nicho_000\Desktop\ComboFix (3).exe
[2014/04/06 10:47:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/06 10:45:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/04/06 10:45:16 | 2503,110,655 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 10:30:32 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/04/06 10:28:22 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/06 10:03:08 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/06 10:03:08 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/06 10:03:08 | 000,135,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/06 02:36:23 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/04/06 02:26:15 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/04/06 02:26:14 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/04/06 02:26:14 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/04/06 02:26:07 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/04/05 23:47:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/04/05 19:06:52 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 17:41:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/04/05 17:35:23 | 005,030,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/05 17:21:11 | 000,000,002 | ---- | M] () -- C:\END
[2014/04/05 17:20:12 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/05 16:18:38 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
[2014/04/05 16:17:17 | 000,878,763 | ---- | M] () -- C:\Users\nicho_000\Desktop\#A.P.L.5.3#.rar
[2014/04/05 16:07:28 | 000,001,649 | ---- | M] () -- C:\Users\nicho_000\Desktop\SpeedGrade - Shortcut.lnk
[2014/04/05 16:06:58 | 000,001,413 | ---- | M] () -- C:\Users\nicho_000\Desktop\Adobe Illustrator CC (64 Bit).lnk
[2014/04/05 16:05:38 | 000,001,728 | ---- | M] () -- C:\Users\nicho_000\Desktop\Photoshop - Shortcut.lnk
[2014/04/05 16:05:04 | 000,001,743 | ---- | M] () -- C:\Users\nicho_000\Desktop\Adobe Premiere Pro - Shortcut.lnk
[2014/04/05 16:04:50 | 000,001,708 | ---- | M] () -- C:\Users\nicho_000\Desktop\InDesign - Shortcut.lnk
[2014/04/05 16:03:31 | 000,001,666 | ---- | M] () -- C:\Users\nicho_000\Desktop\Bridge - Shortcut.lnk
[2014/04/05 15:56:25 | 001,390,327 | ---- | M] () -- C:\Users\nicho_000\Desktop\Adobe Crack CC All.rar
[2014/04/05 15:40:15 | 000,000,896 | ---- | M] () -- C:\Users\nicho_000\Desktop\µTorrent.lnk
[2014/04/05 15:34:19 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/05 15:32:46 | 000,001,279 | ---- | M] () -- C:\Users\nicho_000\Desktop\Norton Installation Files.lnk
[2014/04/05 14:35:24 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014/04/05 14:35:19 | 000,002,160 | ---- | M] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014/04/05 08:11:15 | 000,000,013 | RHS- | M] () -- C:\Windows\SysNative\drivers\fbd.sys
[2014/04/05 07:56:18 | 001,915,512 | ---- | M] () -- C:\Users\nicho_000\Desktop\winrar-x64-51b2.exe
[2014/04/05 07:55:44 | 001,808,665 | ---- | M] () -- C:\Users\nicho_000\Desktop\Adobe  CC Crack Files.zip
[2014/04/05 07:48:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/04/05 07:43:18 | 000,002,295 | ---- | M] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/05 07:42:59 | 000,001,313 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2014/04/05 07:24:12 | 000,001,432 | ---- | M] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/04 23:20:54 | 002,352,734 | ---- | M] () -- C:\Users\nicho_000\Desktop\premiere_pro_old_film_grain_by_rustystasiuk-d4yli66.zip
[2014/04/04 00:35:10 | 002,445,852 | ---- | M] () -- C:\Users\nicho_000\Desktop\Copy of skinny.prproj
 
========== Files Created - No Company Name ==========
 
[2014/04/06 02:36:23 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/04/06 02:26:15 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/04/06 02:26:14 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/04/06 02:26:14 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/04/06 02:26:07 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/04/06 02:26:07 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/04/06 02:15:38 | 021,506,812 | ---- | C] () -- C:\Users\nicho_000\Desktop\VSCO.Film.01.02.03.04.LR5.7z
[2014/04/06 02:15:30 | 681,252,066 | ---- | C] () -- C:\Users\nicho_000\Desktop\MS Office 2010 Professional Plus.zip
[2014/04/05 23:47:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/04/05 22:26:02 | 002,445,852 | ---- | C] () -- C:\Users\nicho_000\Desktop\Copy of skinny.prproj
[2014/04/05 18:59:17 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 17:41:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/04/05 17:18:22 | 000,000,002 | ---- | C] () -- C:\END
[2014/04/05 16:48:44 | 002,352,734 | ---- | C] () -- C:\Users\nicho_000\Desktop\premiere_pro_old_film_grain_by_rustystasiuk-d4yli66.zip
[2014/04/05 16:18:38 | 000,002,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.3 64-bit.lnk
[2014/04/05 16:18:38 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
[2014/04/05 16:17:35 | 000,878,763 | ---- | C] () -- C:\Users\nicho_000\Desktop\#A.P.L.5.3#.rar
[2014/04/05 16:07:28 | 000,001,649 | ---- | C] () -- C:\Users\nicho_000\Desktop\SpeedGrade - Shortcut.lnk
[2014/04/05 16:06:58 | 000,001,413 | ---- | C] () -- C:\Users\nicho_000\Desktop\Adobe Illustrator CC (64 Bit).lnk
[2014/04/05 16:05:38 | 000,001,728 | ---- | C] () -- C:\Users\nicho_000\Desktop\Photoshop - Shortcut.lnk
[2014/04/05 16:05:04 | 000,001,743 | ---- | C] () -- C:\Users\nicho_000\Desktop\Adobe Premiere Pro - Shortcut.lnk
[2014/04/05 16:04:50 | 000,001,708 | ---- | C] () -- C:\Users\nicho_000\Desktop\InDesign - Shortcut.lnk
[2014/04/05 16:03:31 | 000,001,666 | ---- | C] () -- C:\Users\nicho_000\Desktop\Bridge - Shortcut.lnk
[2014/04/05 15:56:41 | 001,390,327 | ---- | C] () -- C:\Users\nicho_000\Desktop\Adobe Crack CC All.rar
[2014/04/05 15:40:15 | 000,000,896 | ---- | C] () -- C:\Users\nicho_000\Desktop\µTorrent.lnk
[2014/04/05 15:22:48 | 000,001,219 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Fireworks CS6.lnk
[2014/04/05 15:21:55 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2014/04/05 15:21:24 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2014/04/05 15:02:47 | 000,001,236 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC.lnk
[2014/04/05 14:48:28 | 000,001,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
[2014/04/05 14:35:21 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014/04/05 14:35:19 | 000,002,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
[2014/04/05 14:35:19 | 000,002,160 | ---- | C] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014/04/05 14:35:19 | 000,002,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
[2014/04/05 14:35:18 | 000,002,469 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
[2014/04/05 13:58:26 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC.lnk
[2014/04/05 13:42:48 | 000,001,279 | ---- | C] () -- C:\Users\nicho_000\Desktop\Norton Installation Files.lnk
[2014/04/05 12:57:20 | 000,001,667 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC.lnk
[2014/04/05 12:55:02 | 000,001,539 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC (64 Bit).lnk
[2014/04/05 11:45:07 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2014/04/05 11:35:10 | 000,001,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC (64 Bit).lnk
[2014/04/05 11:33:19 | 000,001,200 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC.lnk
[2014/04/05 10:22:54 | 000,001,033 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe SpeedGrade CC.lnk
[2014/04/05 09:58:24 | 000,001,084 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk
[2014/04/05 09:57:04 | 000,001,212 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
[2014/04/05 08:47:02 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/04/05 08:47:01 | 2503,110,655 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/05 08:43:34 | 000,001,087 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC.lnk
[2014/04/05 08:37:45 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk
[2014/04/05 08:11:15 | 000,000,013 | RHS- | C] () -- C:\Windows\SysNative\drivers\fbd.sys
[2014/04/05 07:56:20 | 001,915,512 | ---- | C] () -- C:\Users\nicho_000\Desktop\winrar-x64-51b2.exe
[2014/04/05 07:56:16 | 001,808,665 | ---- | C] () -- C:\Users\nicho_000\Desktop\Adobe  CC Crack Files.zip
[2014/04/05 07:48:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/04/05 07:42:59 | 000,001,325 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2014/04/05 07:42:59 | 000,001,313 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2014/04/05 07:27:52 | 000,002,295 | ---- | C] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/05 07:27:51 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/05 07:24:12 | 000,001,432 | ---- | C] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/05 07:17:15 | 000,001,438 | ---- | C] () -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/05 07:15:43 | 000,000,352 | ---- | C] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/05 07:15:43 | 000,000,334 | ---- | C] () -- C:\Users\nicho_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/05 05:10:58 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/11/05 05:10:57 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/11/05 05:10:57 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 22:17:46 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/11 20:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2014/04/05 16:27:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/23 02:58:32 | 021,195,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/23 01:13:37 | 018,640,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/05 17:17:52 | 000,000,000 | ---D | M] -- C:\Users\nicho_000\AppData\Roaming\ Angry_Birds
[2014/04/05 17:34:21 | 000,000,000 | ---D | M] -- C:\Users\nicho_000\AppData\Roaming\uTorrent
[2014/04/05 07:16:22 | 000,000,000 | ---D | M] -- C:\Users\nicho_000\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2013/08/22 14:09:58 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2013/06/18 09:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2013/08/22 00:25:34 | 002,063,408 | ---- | M] (Microsoft Corporation) MD5=2CA8E3C9335C3C8BAEB335345E48364D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2013/09/21 04:37:39 | 002,065,960 | ---- | M] (Microsoft Corporation) MD5=712B0D2ADE5297563168C997DDC2DD13 -- C:\Windows\SysWOW64\explorer.exe
[2013/09/21 04:37:39 | 002,065,960 | ---- | M] (Microsoft Corporation) MD5=712B0D2ADE5297563168C997DDC2DD13 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2013/08/22 07:39:51 | 002,328,880 | ---- | M] (Microsoft Corporation) MD5=8479DC46E9A09015C0777A16BC22A15D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2013/09/21 05:54:20 | 002,328,328 | ---- | M] (Microsoft Corporation) MD5=C1400519D76A364E974E47BBA62B95B0 -- C:\Windows\explorer.exe
[2013/09/21 05:54:20 | 002,328,328 | ---- | M] (Microsoft Corporation) MD5=C1400519D76A364E974E47BBA62B95B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013/09/20 10:51:08 | 003,885,120 | ---- | M] (Safer-Networking Ltd.) MD5=CDEB46FE688F062D3033209B29755203 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
 
< MD5 for: EXPLORER.EXE.MUI  >
[2013/08/22 14:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\en-US\explorer.exe.mui
[2013/08/22 14:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2013/08/22 14:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/08/22 14:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-03C49D11.PF  >
[2014/04/06 10:27:20 | 000,362,878 | ---- | M] () MD5=059DC68E9D5DD7D953893598F1C1A217 -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
 
< MD5 for: IEXPLORE.EXE  >
[2013/08/22 07:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/08/22 07:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
[2014/03/05 09:24:36 | 000,742,200 | ---- | M] (MalwareBytes) MD5=87829A6F3529D772FA8BF0C2C238D1C6 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2012/08/15 08:48:46 | 000,218,184 | ---- | M] () MD5=B6381489F9C8612AFFD4A2765ABD341C -- C:\Users\nicho_000\Downloads\mbam-chameleon-1.62.1.1000\iexplore.exe
[2014/04/05 19:00:58 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) MD5=C038AC0153BFFE7F8778D404C0872317 -- C:\Users\nicho_000\Downloads\iExplore.exe
[2013/08/22 00:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/08/22 00:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/08/22 14:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/22 14:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/22 14:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/08/22 14:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-7A9337F2.PF  >
[2014/04/05 07:24:22 | 000,104,368 | ---- | M] () MD5=6EA44A3D00FA6ABFC0C27293BFD2DAB1 -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
 
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF  >
[2014/04/05 07:26:04 | 000,189,324 | ---- | M] () MD5=0792BA47205044EDDFE17B51F4276397 -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
 
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML  >
[2013/06/18 09:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 09:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
 
< MD5 for: SERVICES  >
[2013/08/22 10:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
 
< MD5 for: SERVICES.AIP  >
[2013/12/20 04:38:34 | 000,423,824 | ---- | M] (Adobe Systems Incorporated) MD5=0A6AFB775AE7C2D38B3ED7ECAC3434CD -- C:\Program Files (x86)\Adobe\Adobe Illustrator CC\Plug-ins\Extensions\Services.aip
[2013/12/20 03:28:38 | 000,527,760 | ---- | M] (Adobe Systems Incorporated) MD5=1F997FC956C2F4B8F3D476ACA19BB7BD -- C:\Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Plug-ins\Extensions\Services.aip
 
< MD5 for: SERVICES.ASFX  >
[2012/09/23 23:44:02 | 000,002,648 | ---- | M] () MD5=0865ABFC40AE2C730EF33F0E29C2C780 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/09/23 23:43:52 | 000,002,588 | ---- | M] () MD5=0D18AE3100D7B9D49DCB1CE1EABA21F7 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/09/23 23:43:44 | 000,002,677 | ---- | M] () MD5=22FEEF662B7E813F8547E1446EBC706B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/09/23 23:43:54 | 000,002,619 | ---- | M] () MD5=2468CEF75419234DCA72F892392DFB6C -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/09/23 23:43:50 | 000,002,525 | ---- | M] () MD5=34EB1E120DAE2C8346BA3747D562355B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/09/23 23:43:44 | 000,002,851 | ---- | M] () MD5=364469E5C8724EB95F2E142438C8CECF -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/09/23 23:43:48 | 000,002,556 | ---- | M] () MD5=3BE849A0D8DEEF6E14BEC19D565A965D -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\sv_SE\Services\Services.asfx
[2012/09/23 23:43:50 | 000,002,577 | ---- | M] () MD5=4160D76537EB300F681419BEA7589192 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/09/23 23:43:58 | 000,002,601 | ---- | M] () MD5=4E7A75C5564D7E08200E3B7F656BF227 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/09/23 23:43:56 | 000,002,760 | ---- | M] () MD5=69BCCC8BA799AD320C723B14DAE327EB -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/09/23 23:44:02 | 000,003,264 | ---- | M] () MD5=6A3669AC3D692776A76DB4C513B73718 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/09/23 23:44:06 | 000,002,497 | ---- | M] () MD5=6ECF361623A3B738642C61790DF3BF73 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/09/23 23:43:46 | 000,002,533 | ---- | M] () MD5=72E505C96C0A40BE1DFD0F5FB982F527 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/09/23 23:43:58 | 000,003,374 | ---- | M] () MD5=7DE29C93BAEEB470EE77CF5C1B1C03A1 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\ru_RU\Services\Services.asfx
[2012/09/23 23:43:52 | 000,002,653 | ---- | M] () MD5=881E2DDB014FD5D09B84AA45F2E86077 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/09/23 23:43:48 | 000,002,628 | ---- | M] () MD5=8A84C89E1D2A0916D4464D5AD46FB8AC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/09/23 23:44:02 | 000,002,539 | ---- | M] () MD5=8DEA878E25C893461D45C8974160B559 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/09/23 23:43:42 | 000,002,616 | ---- | M] () MD5=939A97CCEC5E78C7D41262B21158D749 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/09/23 23:44:00 | 000,002,516 | ---- | M] () MD5=9B850C525959D9F53CD576DEF11F6ED4 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/09/23 23:44:04 | 000,002,640 | ---- | M] () MD5=A86B5BD2B198C0870542D6478C3CC6BC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/09/23 23:43:50 | 000,002,493 | ---- | M] () MD5=A8C9725DBFAA9DB585F9691060B1FFA3 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/09/23 23:43:54 | 000,002,488 | ---- | M] () MD5=B1468F053A250799FCE421BEC8AA9A57 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/09/23 23:43:54 | 000,002,457 | ---- | M] () MD5=BE0958E015FED942FAD670540F2BCEC1 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/09/23 23:44:04 | 000,002,543 | ---- | M] () MD5=C2EDC3B5BB19B6F41226433A889EFE48 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/09/23 23:43:56 | 000,002,543 | ---- | M] () MD5=C66A95C06294259E63522BBB0E8B3ED8 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/09/23 23:43:46 | 000,002,546 | ---- | M] () MD5=DE20C36CDD3208B4E8544397E551C40B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\es_ES\Services\Services.asfx
 
< MD5 for: SERVICES.CFG  >
[2012/09/23 20:43:52 | 000,603,848 | ---- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Services\Services.cfg
[2012/09/23 23:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\services.cfg
[2013/05/11 05:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2013/08/22 08:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\SysNative\services.exe
[2013/08/22 08:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2013/08/22 14:09:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\SysNative\en-US\services.exe.mui
[2013/08/22 14:09:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2013/08/22 14:13:49 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:14:04 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.1.177_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:14:12 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.1.176_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:13:32 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:13:24 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:14:40 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 14:13:41 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2013/08/22 01:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 01:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 01:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2013/06/18 09:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2013/06/18 09:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
 
< MD5 for: SERVICES.MSC  >
[2013/08/22 14:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\en-US\services.msc
[2013/06/18 09:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\services.msc
[2013/08/22 14:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 07:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/08/22 14:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 09:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 07:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/08/22 14:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2013/08/22 01:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 01:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
 
< MD5 for: SERVICES.SBS  >
[2011/03/01 00:00:00 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Includes\Services.sbs
[2011/03/01 02:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\Services.sbs
 
< MD5 for: SERVICES.SBS-20110301.CAB  >
[2014/04/06 10:40:48 | 000,041,248 | ---- | M] () MD5=149FF3413EED31253183D6E65E383138 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\Services.sbs-20110301.cab
 
< MD5 for: WINLOGON.ADML  >
[2013/08/22 14:09:57 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2013/08/22 09:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2013/08/22 04:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\SysNative\winlogon.exe
[2013/08/22 04:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014/03/05 09:24:36 | 000,742,200 | ---- | M] (MalwareBytes) MD5=87829A6F3529D772FA8BF0C2C238D1C6 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012/08/15 08:48:46 | 000,218,184 | ---- | M] () MD5=B6381489F9C8612AFFD4A2765ABD341C -- C:\Users\nicho_000\Downloads\mbam-chameleon-1.62.1.1000\winlogon.exe
[2014/04/05 19:03:04 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) MD5=C038AC0153BFFE7F8778D404C0872317 -- C:\Users\nicho_000\Downloads\WiNlOgOn.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2013/08/22 14:09:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2013/08/22 14:09:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
 
< MD5 for: WINLOGON.EXE-0D9AB72B.PF  >
[2014/04/06 02:53:46 | 000,029,054 | ---- | M] () MD5=2FF2B2976B761EA6D39D03AB8EC78509 -- C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
 
< MD5 for: WINLOGON.EXE-E1919B47.PF  >
[2014/04/05 19:03:20 | 000,025,332 | ---- | M] () MD5=7EF93CC40FD1607E1D85064289B5034C -- C:\Windows\Prefetch\WINLOGON.EXE-E1919B47.pf
 
< MD5 for: WINLOGON.MFL  >
[2013/08/22 14:09:50 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2013/08/22 14:09:50 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2013/08/22 01:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2013/08/22 01:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2013/08/22 00:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2013/06/18 07:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014/04/05 17:21:11 | 000,000,002 | ---- | M] () -- C:\END
[2014/04/06 10:45:16 | 2503,110,655 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 10:45:16 | 2013,265,920 | -HS- | M] () -- C:\pagefile.sys
[2014/04/05 08:46:41 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2014/04/06 10:45:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
 
< %systemroot%\Fonts\*.com >
[2013/08/28 18:54:10 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2013/08/28 18:54:10 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2013/08/28 18:54:10 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2013/08/28 18:54:10 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2013/08/22 10:35:03 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2013/08/22 10:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is BC90-18B5
 Directory of C:\
08/22/2013  09:45 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
08/22/2013  09:45 AM    <JUNCTION>     Application Data [C:\ProgramData]
08/22/2013  09:45 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
08/22/2013  09:45 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
08/22/2013  09:45 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013  09:45 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
08/22/2013  09:45 AM    <SYMLINKD>     All Users [C:\ProgramData]
08/22/2013  09:45 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
08/22/2013  09:45 AM    <JUNCTION>     Application Data [C:\ProgramData]
08/22/2013  09:45 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
08/22/2013  09:45 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
08/22/2013  09:45 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013  09:45 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
08/22/2013  09:45 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
08/22/2013  09:45 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013  09:45 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
08/22/2013  09:45 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
08/22/2013  09:45 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013  09:45 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013  09:45 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013  09:45 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013  09:45 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013  09:45 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
08/22/2013  09:45 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
08/22/2013  09:45 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013  09:45 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013  09:45 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
08/22/2013  09:45 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
08/22/2013  09:45 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
08/22/2013  09:45 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000
04/05/2014  07:15 AM    <JUNCTION>     Application Data [C:\Users\nicho_000\AppData\Roaming]
04/05/2014  07:15 AM    <JUNCTION>     Cookies [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCookies]
04/05/2014  07:15 AM    <JUNCTION>     Local Settings [C:\Users\nicho_000\AppData\Local]
04/05/2014  07:15 AM    <JUNCTION>     My Documents [C:\Users\nicho_000\Documents]
04/05/2014  07:15 AM    <JUNCTION>     NetHood [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/05/2014  07:15 AM    <JUNCTION>     PrintHood [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/05/2014  07:15 AM    <JUNCTION>     Recent [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Recent]
04/05/2014  07:15 AM    <JUNCTION>     SendTo [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\SendTo]
04/05/2014  07:15 AM    <JUNCTION>     Start Menu [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Start Menu]
04/05/2014  07:15 AM    <JUNCTION>     Templates [C:\Users\nicho_000\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000\AppData\Local
04/05/2014  07:15 AM    <JUNCTION>     Application Data [C:\Users\nicho_000\AppData\Local]
04/05/2014  07:15 AM    <JUNCTION>     History [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\History]
04/05/2014  07:15 AM    <JUNCTION>     Temporary Internet Files [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000\AppData\Local\Microsoft\Windows
04/05/2014  07:15 AM    <JUNCTION>     Temporary Internet Files [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache
04/05/2014  07:17 AM    <JUNCTION>     Content.IE5 [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache\Low
04/05/2014  07:25 AM    <JUNCTION>     Content.IE5 [C:\Users\nicho_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\nicho_000\Documents
04/05/2014  07:15 AM    <JUNCTION>     My Music [C:\Users\nicho_000\Music]
04/05/2014  07:15 AM    <JUNCTION>     My Pictures [C:\Users\nicho_000\Pictures]
04/05/2014  07:15 AM    <JUNCTION>     My Videos [C:\Users\nicho_000\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
08/22/2013  09:45 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
08/22/2013  09:45 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
08/22/2013  09:45 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser
01/12/2014  11:02 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
01/12/2014  11:02 AM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCookies]
01/12/2014  11:02 AM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
01/12/2014  11:02 AM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
01/12/2014  11:02 AM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/12/2014  11:02 AM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/12/2014  11:02 AM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
01/12/2014  11:02 AM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
01/12/2014  11:02 AM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
01/12/2014  11:02 AM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser\AppData\Local
01/12/2014  11:02 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
01/12/2014  11:02 AM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
01/12/2014  11:02 AM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows
01/12/2014  11:02 AM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser\Documents
01/12/2014  11:02 AM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
01/12/2014  11:02 AM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
01/12/2014  11:02 AM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
11/05/2013  04:42 AM    <JUNCTION>     Content.IE5 [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
11/05/2013  04:42 AM    <JUNCTION>     Content.IE5 [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              71 Dir(s)  935,086,850,048 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/04/05 07:24:12 | 000,000,223 | -HS- | M] () -- C:\Users\nicho_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/04/06 10:52:52 | 005,192,353 | ---- | M] (Swearware) -- C:\Users\nicho_000\Desktop\ComboFix (3).exe
[2014/04/05 07:56:18 | 001,915,512 | ---- | M] () -- C:\Users\nicho_000\Desktop\winrar-x64-51b2.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 199 bytes -> C:\Users\nicho_000\SkyDrive:ms-properties
 
< End of report >
 
 
 
 

OTL Extras logfile created on: 4/6/2014 11:03:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\nicho_000\Downloads
64bit- An unknown product  (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.91 Gb Total Physical Memory | 7.14 Gb Available Physical Memory | 90.21% Memory free
9.79 Gb Paging File | 9.08 Gb Available in Paging File | 92.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.47 Gb Total Space | 870.88 Gb Free Space | 94.51% Space Free | Partition Type: NTFS
Drive E: | 29.88 Gb Total Space | 1.75 Gb Free Space | 5.85% Space Free | Partition Type: FAT32
 
Computer Name: SCR | User Name: nicho_000 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe "%L" (Adobe Systems Incorporated)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe "%L" (Adobe Systems Incorporated)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17BC85C0-3DDE-422D-844C-6CEE5C1AD8D1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1DB17BC6-9B94-4A72-AD9E-69D6EB9A989C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{28DF3108-CEB1-4DEC-8562-79A272DFC2B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4F452357-5147-4EB4-9AFE-C55988C33868}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5DC440A8-9593-4A76-A3F8-5015667EF622}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{60FFD3F3-12D2-4111-A7CB-1D38CF2F519F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{68FECF73-D050-4AE3-AA70-D8BB967DCF5E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6F643AA1-81D3-4611-A71F-62AE2B7A825E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{71E9CACD-208A-427E-B023-E9B73431903D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{7F831209-0A41-41AC-B876-B2FAB56E39D8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{83EB48D6-8EFA-4D77-AE63-3D7AD9A3D226}" = lport=137 | protocol=17 | dir=in | app=system | 
"{91D3157F-D633-400E-B4A5-C7E3C1608C2A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{94E2355D-CF26-412B-8065-99AA772EB9B2}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{97F707B6-050E-408C-9C62-539FAB2D5D72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9CD18CE1-CA9D-4FA3-8972-9C018438A1DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B3A89900-CD52-4D7F-84C0-F980541FA077}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B92D04E6-63D2-4AC1-93BE-98EE37202D96}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D550F7AE-38D8-435B-8AB4-493D679B0F94}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E1845874-EEFB-4D7D-BA08-4C0D33952839}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E2CA1814-5DBB-4FC7-8416-E03E7F048B08}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F670CF3A-CCC5-4C07-A2EF-EBFF9FAC5EC1}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09224D9C-E5A0-461D-8C97-9A62F271630C}" = dir=out | name=windows_ie_ac_001 | 
"{0E9FA364-494E-4302-BF8E-38FD2C9C6D91}" = dir=out | name=iheartradio | 
"{11D621AC-50DC-4E47-B771-A351C7429E95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{15E68E28-784D-43A1-99A7-5203399AE09A}" = dir=out | name=@{microsoft.xboxlivegames_2.0.100.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{161F1908-5047-47E6-BE07-0439A11D4624}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{1BC314C8-0323-43ED-9B8C-962C73816459}" = dir=out | name=@{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{1DF792A4-5F06-4945-B8B1-60890B746114}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{280EA1BE-DAE1-4556-B8BB-DAA9BA0CD87C}" = dir=out | name=toshiba media player by smedio truelink+ | 
"{2B29E9D6-3CF6-4D14-ABF6-6F44B2095E91}" = dir=out | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | 
"{2B467065-7B6A-4380-A823-3B022FB7538E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2EF1974F-8B6A-4985-90CF-717EAA303AC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31648A32-E9A7-4F53-A8B1-0E0FB8A19325}" = dir=out | name=toshiba media player by smedio truelink+ | 
"{32793424-C1DA-4795-8C85-C4CACD3080F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3BA846B8-6CBA-45D3-B27C-9ED01A0B7883}" = protocol=6 | dir=in | app=c:\users\nicho_000\appdata\roaming\utorrent\utorrent.exe | 
"{3CE6B4F4-C9ED-4324-A4B2-D2074CA66D37}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{405B2820-150A-4912-BE90-DF80C0C17562}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{4264B8FA-2DCB-402C-916D-40728A374540}" = dir=in | name=toshiba media player by smedio truelink+ | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{49913672-36C2-4302-A748-EAE2396B1CA2}" = dir=out | name=@{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{4F0329F9-AAC7-43DF-9B5C-D10F2F34B5B9}" = protocol=6 | dir=out | app=system | 
"{5474A6F1-9B08-443F-BB81-8448BC7B5488}" = dir=out | name=evernote touch | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{57F57306-85BD-4A67-AF72-39E7331A432A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{58872DEF-E78D-4D25-9D5A-6C7F3EEAF175}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5AE9FE20-BFDC-44E0-8732-4A50D1316729}" = dir=out | name=@{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{606B8881-9CF6-4B99-8AB4-766F5E24F7A2}" = dir=in | name=evernote touch | 
"{67EFB8FC-16D1-4C04-A61C-D67008E15EB4}" = dir=out | name=toshiba central | 
"{69B7C090-0C5C-4877-9D8D-D84CBFD58CD4}" = dir=out | name=kindle | 
"{6A975060-9063-41A5-9D8A-E2D95CF14271}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{74D2EB40-17A1-4062-BDF3-70A0A995F66C}" = protocol=6 | dir=in | app=c:\users\nicho_000\appdata\local\temp\7zs7e0b.tmp\symnrt.exe | 
"{7B1C9B40-87F2-4FAF-82F4-20A7567CF2AE}" = dir=out | name=norton studio | 
"{7C4C5AC7-6EA4-495F-9425-1D5152B3DB67}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{7C531C5D-1338-4CD1-8E07-4BE7AF676888}" = protocol=17 | dir=in | app=c:\users\nicho_000\appdata\local\temp\7zs7e0b.tmp\symnrt.exe | 
"{7E99BAD9-213E-4015-9CD5-A7E804E604D9}" = dir=out | name=zinio | 
"{80D35898-DB96-4725-9DA6-F87D18099032}" = dir=out | name=- games app - | 
"{84FD0AE8-21F2-4B56-92DD-49783AACB728}" = dir=out | name=amazon | 
"{85ADEAD9-574E-4981-83DF-8479CFB37A14}" = dir=in | name=toshiba media player by smedio truelink+ | 
"{8F212B9F-F9CD-4A78-A99D-5D3DCEE3DB3A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8FE04F7B-29DD-46AD-B531-7234F842796C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{A2F784D7-4D9B-4DBD-A73E-5CF524C4BE23}" = dir=out | name=@{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{A40828E0-A2FB-4B7C-955E-CA85D0D24B5F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ACB500A1-57C4-475D-BD79-8C408A3E0074}" = protocol=17 | dir=in | app=c:\users\nicho_000\appdata\roaming\utorrent\utorrent.exe | 
"{AF76BD3A-263E-4DE8-9F8E-2090602E55CA}" = dir=out | name=hulu plus | 
"{B3259EC2-10EC-431F-B27F-C3E4762FB131}" = dir=out | name=deals & offers | 
"{B8C18168-D47B-4D35-AE90-62D530776AA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB2178A4-48A2-4DEB-8957-CD7101DC54FB}" = dir=out | name=ebay | 
"{BE010E61-BAE7-4D29-A4F1-01EC0EA9EEF2}" = dir=out | name=netflix | 
"{BEBDC046-3BE1-404F-A56B-9A85AA2D118C}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{BF997EA2-560F-4DAC-909F-769BECA0B91F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C64F6B90-A132-4DA5-9C87-E41CDE6AF8FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CB438020-956C-4F65-8B2E-505D8BC56EA3}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{CB8A965E-4347-408B-9C59-D7141AC69FB7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D9F05EC8-5280-4236-B268-EBF50CB1C1CD}" = dir=out | name=@{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{E3AF2586-A2E7-4F6F-B610-7C4E30263B7A}" = dir=in | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | 
"{E705A8C5-7607-4986-B0F9-AF8F39B4FA87}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E72FBD9A-0160-409F-AA21-868394DC5C13}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EAAC7E0C-DECB-440E-89BB-F5F880CF242F}" = dir=in | name=skype | 
"{EC746BD6-33C9-42CC-8697-6A309FBD04DE}" = dir=out | name=skype | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EEFCB81A-8FA6-4275-A63C-7032A23259CE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{F2102D4B-94AA-41B9-BAD7-E44975DA0786}" = dir=out | name=@{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{F4EA5CB2-475E-4E5E-980C-9E87B7187E83}" = dir=out | name=book place | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F85517BB-142B-4F32-9025-FC298AF05DC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F8996A21-4B25-4774-936D-6A8B76987D6C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11955FE2-CAC6-4C3B-AA68-F787D7405400}" = TOSHIBA Display Utility
"{1515F5E3-29EA-4CD1-A981-032D88880F09}" = TOSHIBA Audio Enhancement
"{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}" = TOSHIBA Application Installer
"{2DD71ACB-552D-402C-9529-7906ACB95C30}" = Adobe Photoshop Lightroom 5.3 64-bit
"{34FE5428-54F4-3883-9372-AD81FFD14F69}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{588A747E-CFF6-46B3-9207-CD754F9473AF}" = IDT Audio Driver
"{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{8DCF8C8F-4ADA-3395-BF10-A3437F9929D4}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 326.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 326.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}" = TOSHIBA Service Station
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.10 beta 2 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E094E1-A852-11E2-803D-ACEA632352B4}" = Adobe Dreamweaver CC
"{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings
"{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}" = Cisco PEAP Module
"{11244D6B-9842-440F-8579-6A4D771A0D9B}" = Toshiba Book Place
"{1DFE7F53-BF57-B75D-BA28-5586357C2A51}" = Adobe® Content Viewer
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2DC3EA-9682-3AAA-BB63-D9BC1AC17960}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617
"{1f407217-9aec-4146-8504-e64ac959c534}" = Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{23D3F585-AE29-4670-8E3E-64A0EFB29240}" = Adobe Acrobat XI Pro
"{29AA12E9-934C-485E-A9A1-D823FEB29880}" = Adobe SpeedGrade CC
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}" = DTS Studio Sound
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{317243C1-6580-4F43-AED7-37D4438C3DD5}" = Adobe After Effects CC
"{3384E1D9-3F18-4A98-8655-180FEF0DFC02}" = TOSHIBA User's Guide
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{359F8007-6486-429C-A8C5-D67F6897C88C}" = Adobe Bridge CC (64 Bit)
"{420ED767-62A5-462F-9DDA-AE3A95D4BF32}" = Alcor Micro USB Card Reader
"{448652c1-f5f3-4230-98c6-68c10c88b1fb}" = Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
"{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}" = Adobe Premiere Pro CC
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74D52476-2E1E-3F1B-8460-E4ECF2FB6491}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617
"{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{8f29d204-f85e-4d8d-87b0-7ba66bffc1aa}" = Avira
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{95F38874-065A-40AB-AFC1-B764B192FFE7}" = REALTEK Wireless LAN Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}" = TOSHIBA Start
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)  MUI
"{AF312B06-5C5C-468E-89B3-BE6DE2645722}" = Cisco LEAP Module
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}" = LPT System Updater Service
"{BC448016-6F11-1014-B0EA-97CEE6E26CB6}" = Adobe InDesign CC
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}" = Adobe Fireworks CS6
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F2321021-08A2-44D6-B1DF-BDB415F23EC3}" = Adobe Illustrator CC
"{F52985D7-E765-457F-9C00-83D463690F73}" = Avira
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"AmUStor" = Alcor Micro USB Card Reader
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"Google Chrome" = Google Chrome
"InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}" = REALTEK Wireless LAN Driver
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.00.0.1000
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"NAT" = Norton Anti-Theft
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-2f5dd651-cd30-45dc-87d1-a1ad17c7a914" = King Oddball
"WTA-4c14caba-8c04-45f7-8c00-ef265aea6f60" = Bejeweled 3
"WTA-637adc53-20f5-41ce-8cc0-89ab505f3eaf" = Plants vs. Zombies - Game of the Year
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/5/2014 8:10:39 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:10:39Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:11:09 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:11:09Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:11:39 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:11:39Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:12:09 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:12:09Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:12:39 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:12:39Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:13:09 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:13:09Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:13:39 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:13:39Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:14:09 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:14:09Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:14:39 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:14:39Z.
 Error Code: 0x80040154.
 
Error - 4/5/2014 8:15:09 PM | Computer Name = SCR | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2114-03-13T00:15:09Z.
 Error Code: 0x80040154.
 
[ System Events ]
Error - 4/6/2014 12:05:29 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Norton Anti-Theft service failed to start due to the following
 error:   %%5
 
Error - 4/6/2014 1:36:45 AM | Computer Name = SCR | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Encrypted volume check: Volume information on E: cannot be read.
 
Error - 4/6/2014 3:08:15 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Norton Anti-Theft service failed to start due to the following
 error:   %%5
 
Error - 4/6/2014 3:47:42 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Norton Anti-Theft service failed to start due to the following
 error:   %%5
 
Error - 4/6/2014 3:49:01 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the iphlpsvc service.
 
Error - 4/6/2014 3:50:33 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Norton Anti-Theft service failed to start due to the following
 error:   %%5
 
Error - 4/6/2014 3:56:11 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Norton Anti-Theft service failed to start due to the following
 error:   %%5
 
Error - 4/6/2014 3:56:54 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7043
Description = The Group Policy Client service did not shut down properly after receiving
 a preshutdown control.
 
Error - 4/6/2014 3:57:26 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Network List Service service failed to start due to the following
 error:   %%3
 
Error - 4/6/2014 3:57:26 AM | Computer Name = SCR | Source = Service Control Manager | ID = 7000
Description = The Diagnostic Service Host service failed to start due to the following
 error:   %%3
 
 
< End of report >
 

 


    Advertisements

Register to Remove


#2 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 07 April 2014 - 05:41 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#3 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 22 April 2014 - 06:38 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic
Proud Member of UNITE & TB
 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users