Questions, questions

09-30-2014 , 11:31 PM
So what would you suggest I do now? Do a clean install of Windows to see if my issue will be fixed? Thus delete the existing partition first and then install it the same way with my ASUS Windows 7 reinstallation CD? I also have an ASUS utility CD as well that I use after installation to add drivers and everything. So you want me to do that as well?


Yes, I was told defragging SSDs made it worse. So I stopped doing this. The thing is, my laptop has always been pretty slow after a while.


Also, another thing I want to mention is I don't do anything to my Holdem Manager 2 like vacuuming or stuff like that. Do you think that could be an issue as well? The reason I don't do that is b/c I don't know how to do it and don't want to mess HEM2 up in the process.
10-03-2014 , 05:13 AM
You should definitely keep your HEM2 database in check. If you don't know how, ask the guys in the support threads (part of the software forum here) or on the HEM website itself. They'll steer you in the right direction.
10-07-2014 , 06:55 AM
Do you think it could be because I have ibuster and gbuster popup that starts every time my laptop starts? I see this every single time and I'm not sure how to fix it.
10-07-2014 , 06:57 AM
Have this popup every single time I start up Windows 7 64 bit. Has been for quite a while. One of the boxes shows up then goes away. The other I would always have to close myself.


Could this be one of the reasons I have such lag on my laptop?
10-07-2014 , 10:09 AM
Can you show me an OTL log, as instructed in the malware sticky?
10-09-2014 , 08:07 PM
OTL logfile created on: 10/9/2014 8:09:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.79 Gb Total Physical Memory | 3.51 Gb Available Physical Memory | 45.03% Memory free
15.59 Gb Paging File | 11.11 Gb Available in Paging File | 71.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 90.39 Gb Free Space | 38.81% Space Free | Partition Type: NTFS

Computer Name: DANNY-PC | User Name: Danny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/10/09 20:07:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danny\Downloads\OTL.exe
PRC - [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/04/25 05:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/08/30 22:35:54 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012/05/25 05:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/01/28 01:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011/01/28 01:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2010/05/03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/05/03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/04/26 09:37:54 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/03/27 08:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/02/04 14:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
PRC - [2009/07/16 15:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


========== Modules (No Company Name) ==========

MOD - [2014/09/23 00:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014/09/23 00:07:04 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
MOD - [2014/09/23 00:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014/09/23 00:06:58 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
MOD - [2014/09/23 00:06:56 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
MOD - [2014/09/23 00:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014/02/12 21:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 21:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012/05/25 05:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
MOD - [2010/04/26 09:37:54 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:36:34 | 000,181,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LvApi11\LvApi11.dll
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2009/09/23 11:07:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2009/07/16 15:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 15:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 15:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 15:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 15:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 15:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 15:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 15:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 15:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 15:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 15:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 15:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/08/18 18:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2014/09/24 00:56:50 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/19 16:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/25 05:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/01/28 01:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/27 08:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/07/20 12:12:40 | 000,041,976 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\networx.sys -- (networx)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/13 06:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/04 05:53:02 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/26 04:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 18:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/12/16 22:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/07 04:49:27 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 04:47:44 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/20 05:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 06:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/05/13 09:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/08/03 00:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {ED5B04AA-AAF7-4CB8-AB62-0735CAA70B7A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{ABB4E0A8-EA91-4DC0-B470-26DD4ED030E2}: "URL" = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{ED5B04AA-AAF7-4CB8-AB62-0735CAA70B7A}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN15894092063093090&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.trovi.com/?gd=&ctid=CT3326235&octid=EB_ORIGINAL_CTID&ISID=M3066F0DE-1454-4718-A9E5-E02B5FF43957&SearchSource=55&CUI=&UM=6&UP=SP1B56365B-CC5B-4BAF-9A07-52BF2164A1B6&SSPV="
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.3
FF - prefs.js..extensions.enabledAddons: saebay%40mybrowserbar.com:1.7
FF - prefs.js..extensions.enabledAddons: saamazon%40mybrowserbar.com:1.7
FF - prefs.js..extensions.enabledAddons: c1b9d306-75ba-4390-8a8b-76b504015572%40gmail.com:0.95.49
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Danny\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Danny\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Danny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Danny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ISAllmytube@iSkysoft.com: C:\ProgramData\iSkysoft\iTube Studio\ISAllmytube@iSkysoft.com\ [2014/08/22 22:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/09/16 16:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Extensions
[2014/09/21 11:16:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions
[2014/06/11 13:29:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/09/21 11:16:02 | 000,000,000 | ---D | M] ("Plus-HD-V1.4c") -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\c1b9d306-75ba-4390-8a8b-76b504015572@gmail.com
[2014/10/02 14:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\c1b9d306-75ba-4390-8a8b-76b504015572@gmail.com\extensionData
[2014/10/02 14:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\c1b9d306-75ba-4390-8a8b-76b504015572@gmail.com\extensionData\plugins
[2014/10/02 14:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\c1b9d306-75ba-4390-8a8b-76b504015572@gmail.com\extensionData\userCode
[2014/06/26 23:46:25 | 000,007,980 | ---- | M] () (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saamazon@mybrowserbar.com.xpi
[2014/06/26 23:46:25 | 000,007,203 | ---- | M] () (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saebay@mybrowserbar.com.xpi
[2014/06/26 23:46:25 | 000,008,833 | ---- | M] () (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/08/22 22:27:17 | 000,000,643 | ---- | M] () -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\searchplugins\trovi-search.xml
[2014/06/23 22:52:12 | 000,008,074 | ---- | M] () -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\searchplugins\yahoo_ff.xml
[2014/09/19 16:40:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/19 16:41:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url = http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Calculator] C:\Windows\winfaith1.exe (IBuster)
O4 - HKLM..\Run: [Calculator2] C:\Windows\winfaith1.exe (IBuster)
O4 - HKLM..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Notepad] C:\Windows\winfaith3.exe ()
O4 - HKLM..\Run: [Notepad2] C:\Windows\winfaith3.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [CPN Notifier] C:\Program Files (x86)\Intertops Poker\PokerNotifier.exe File not found
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC7B748B-F756-4795-B847-49A4E82DBC55}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAFBB10B-DFA6-4FEF-B14F-0337882A9835}: NameServer = 192.168.1.1,218.248.240.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1DA939D-0673-41D8-B188-418EC852E528}: DhcpNameServer = 192.168.1.1 23.233.128.16 24.225.128.17
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\WSISAllmytubechrome - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\WSISAllmytubechrome - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{70fb3a3e-11cc-11e3-bac0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{70fb3a3e-11cc-11e3-bac0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpReg: Setwallpaper - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/10/01 08:33:12 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/10/01 08:33:12 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/30 12:02:50 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intertops Poker
[2014/09/30 12:02:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intertops Poker
[2014/09/22 23:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/22 23:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/22 23:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/22 23:03:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/22 23:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/22 20:23:08 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Roaming\5dimes
[2014/09/22 19:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5Dimes Open Waters 8.2
[2014/09/22 19:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\5Dimes Open Waters 8.2
[2014/09/19 16:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/18 11:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/18 11:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/09/18 11:28:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/09/12 08:43:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LOCALAPPDATA%
[2014/09/12 01:43:18 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/09/12 01:43:18 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/09/12 01:43:17 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/09/12 01:43:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/09/12 01:43:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/12 01:43:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/09/12 01:43:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/09/12 01:43:16 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/09/12 01:43:16 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/09/12 01:43:16 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/09/12 01:43:16 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/09/12 01:43:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/09/12 01:43:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/09/12 01:43:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/12 01:43:15 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/09/12 01:43:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/09/12 01:43:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/09/12 01:43:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/12 01:43:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/09/12 01:43:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/09/12 01:43:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/09/12 01:43:14 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/09/12 01:43:14 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/09/12 01:43:14 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/12 01:43:13 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/09/12 01:43:13 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/09/12 01:43:13 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/09/12 01:43:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/12 01:43:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/09/12 01:43:12 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/12 01:43:12 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/12 01:43:12 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/09/12 01:43:09 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/09/12 01:43:09 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/12 01:43:08 | 002,104,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/12 01:29:12 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/12 01:29:12 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/11 11:40:11 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/11 11:40:11 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/11 11:34:25 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/11 11:34:03 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/09/11 11:33:56 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/09/11 11:33:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll

========== Files - Modified Within 30 Days ==========

[2014/10/09 20:09:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1114655744-1173224406-940418700-1000UA.job
[2014/10/09 20:09:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1114655744-1173224406-940418700-1000Core.job
[2014/10/09 19:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/09 19:35:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/09 13:55:45 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/09 13:55:45 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/09 13:48:14 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/09 13:48:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/09 13:48:02 | 1981,128,703 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/07 00:14:38 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/07 00:14:38 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/07 00:14:38 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/07 00:11:07 | 000,012,425 | ---- | M] () -- C:\Users\Danny\Documents\starsss.odt
[2014/10/06 23:53:52 | 000,013,505 | ---- | M] () -- C:\Users\Danny\Documents\Accounts.ods
[2014/10/06 23:41:56 | 211,182,530 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 10 Full HD.mp4
[2014/10/06 23:40:30 | 206,899,843 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 9 Full HD.mp4
[2014/10/06 23:35:53 | 346,876,955 | ---- | M] () -- C:\Users\Danny\Documents\Silver Linings Playbook.mp4
[2014/10/06 23:35:53 | 214,003,147 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 8 Full HD.mp4
[2014/10/06 23:34:12 | 265,077,675 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 6 Full HD.mp4
[2014/10/06 23:27:25 | 210,681,981 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 7 Full HD.mp4
[2014/10/06 23:26:38 | 425,755,034 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 3 4 Full HD.mp4
[2014/10/06 23:20:51 | 210,363,552 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 5 Full HD.mp4
[2014/10/06 22:48:30 | 211,776,602 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 1 Full HD.mp4
[2014/10/06 22:47:46 | 209,765,810 | ---- | M] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 2 Full HD.mp4
[2014/10/05 12:09:32 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager2.lnk
[2014/09/30 16:15:33 | 000,008,987 | ---- | M] () -- C:\Users\Danny\Documents\stars document.odt
[2014/09/30 12:02:50 | 000,001,112 | ---- | M] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\Intertops Poker.lnk
[2014/09/30 12:02:50 | 000,001,088 | ---- | M] () -- C:\Users\Danny\Desktop\Intertops Poker.lnk
[2014/09/24 22:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/24 21:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/09/24 19:38:22 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/24 00:56:46 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/24 00:56:46 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/22 23:03:58 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/22 20:29:56 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\5Dimes Open Waters 8.2.lnk
[2014/09/21 02:51:21 | 000,030,512 | ---- | M] () -- C:\Users\Danny\Documents\matcchbook.odt
[2014/09/18 11:28:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/12 01:42:23 | 000,775,084 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/12 01:32:41 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/09/11 23:01:42 | 000,171,998 | ---- | M] () -- C:\Users\Danny\Documents\boa transfer.png
[2014/09/11 11:28:49 | 000,023,015 | ---- | M] () -- C:\Users\Danny\Documents\wetones.odt
[2014/09/10 09:04:09 | 000,018,135 | ---- | M] () -- C:\Windows\wininit.ini

========== Files Created - No Company Name ==========

[2014/10/06 23:41:54 | 211,182,530 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 10 Full HD.mp4
[2014/10/06 23:40:28 | 206,899,843 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 9 Full HD.mp4
[2014/10/06 23:35:51 | 214,003,147 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 8 Full HD.mp4
[2014/10/06 23:35:47 | 346,876,955 | ---- | C] () -- C:\Users\Danny\Documents\Silver Linings Playbook.mp4
[2014/10/06 23:34:10 | 265,077,675 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 6 Full HD.mp4
[2014/10/06 23:27:24 | 210,681,981 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 7 Full HD.mp4
[2014/10/06 23:26:34 | 425,755,034 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 3 4 Full HD.mp4
[2014/10/06 23:20:49 | 210,363,552 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 5 Full HD.mp4
[2014/10/06 22:48:28 | 211,776,602 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 1 Full HD.mp4
[2014/10/06 22:47:45 | 209,765,810 | ---- | C] () -- C:\Users\Danny\Documents\Seinfeld Season 4 Episode 2 Full HD.mp4
[2014/09/30 12:02:16 | 000,001,112 | ---- | C] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\Intertops Poker.lnk
[2014/09/30 12:02:16 | 000,001,088 | ---- | C] () -- C:\Users\Danny\Desktop\Intertops Poker.lnk
[2014/09/22 23:03:58 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/22 19:44:16 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\5Dimes Open Waters 8.2.lnk
[2014/09/21 01:33:40 | 000,030,512 | ---- | C] () -- C:\Users\Danny\Documents\matcchbook.odt
[2014/09/11 23:01:42 | 000,171,998 | ---- | C] () -- C:\Users\Danny\Documents\boa transfer.png
[2014/09/11 11:28:47 | 000,023,015 | ---- | C] () -- C:\Users\Danny\Documents\wetones.odt
[2014/08/31 10:27:31 | 011,791,216 | ---- | C] () -- C:\Windows\SysWow64\GbPlugin-Módulo de Segurança.com
[2014/07/16 16:46:45 | 000,199,336 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/07/14 01:07:40 | 000,018,135 | ---- | C] () -- C:\Windows\wininit.ini
[2014/03/11 23:33:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2014/03/11 23:33:41 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2014/02/24 18:41:53 | 011,791,216 | ---- | C] () -- C:\Windows\winfaith3.exe
[2014/01/18 00:33:16 | 000,775,084 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/14 14:41:43 | 000,000,017 | ---- | C] () -- C:\Users\Danny\AppData\Local\resmon.resmoncfg
[2013/09/16 16:26:00 | 000,000,000 | ---- | C] () -- C:\Users\Danny\AppData\Local\{6FFF9D47-C439-4D55-9D31-057A2905A6EC}
[2013/09/12 14:05:23 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2013/09/02 22:33:21 | 000,000,045 | ---- | C] () -- C:\Users\Danny\AppData\Local\machpro.dat
[2013/09/02 19:08:17 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/09/01 17:51:20 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/08/30 22:33:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2013/08/30 22:23:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2013/08/30 22:23:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2013/08/30 22:23:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2014/09/19 16:41:19 | 000,117,360 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2014/09/19 16:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
[2014/09/19 16:41:18 | 000,198,224 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
[2014/09/19 16:41:04 | 000,018,544 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[2014/09/19 16:41:04 | 000,028,272 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
[2014/09/19 16:41:04 | 000,277,616 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe
[2014/09/19 16:41:04 | 000,091,032 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
[2014/09/19 16:41:03 | 000,093,808 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2014/09/22 19:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\5Dimes Open Waters 8.2
[2014/07/28 22:18:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\888pokerNJ
[2013/08/30 23:23:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2014/08/17 19:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2013/08/30 22:31:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AmIcoSingLun
[2013/08/31 18:55:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2013/08/30 22:33:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2013/09/27 14:34:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Auslogics
[2013/08/31 18:54:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2014/09/18 11:28:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2013/11/23 19:47:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2013/08/30 22:38:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
[2014/10/07 00:22:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Full Tilt Poker
[2014/07/14 11:34:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\globalUpdate
[2014/08/25 08:49:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2014/03/09 20:38:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GreenTree Applications
[2014/10/05 12:09:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Holdem Manager 2
[2014/03/11 23:55:50 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/08/30 22:24:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2014/09/12 08:32:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/09/30 12:02:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intertops Poker
[2014/08/22 22:18:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iSkysoft
[2014/09/22 23:03:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2014/08/18 03:43:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2014/05/20 01:23:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lock Poker
[2013/09/01 17:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2014/05/16 03:33:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/03 11:56:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2014/09/12 01:32:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2013/09/03 12:04:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2014/09/19 16:41:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/22 09:51:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/09/03 12:03:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2014/03/14 03:00:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2013/08/30 22:27:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/09/03 13:08:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4
[2014/07/06 17:27:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera
[2014/07/14 11:37:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\P-HD-V1.4
[2014/10/06 10:07:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PacificPoker
[2014/08/13 15:21:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Poker - Espacejeux
[2014/09/11 13:19:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2013/09/01 18:35:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PostgreSQL
[2014/01/18 00:34:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2014/07/14 12:23:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2013/08/30 22:29:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2013/09/01 18:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RVG Software
[2014/07/14 13:10:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2014/09/18 11:28:17 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2014/07/14 00:15:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/10/05 12:13:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TableNinja
[2014/06/03 21:57:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2014/07/14 12:23:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TechSmith
[2013/08/30 22:30:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2013/08/30 23:03:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2013/10/23 02:25:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp
[2013/10/23 02:24:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp Detect
[2014/01/04 02:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/01/04 02:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2014/01/04 02:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/01/04 02:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2013/09/10 15:06:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2014/01/04 02:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2014/03/11 23:55:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014/06/24 10:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: NETLOGON.DLL >
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 07:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014/08/19 14:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2014/08/19 14:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2014/09/19 16:41:04 | 000,897,648 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2014/09/19 16:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014/08/18 17:25:16 | 000,707,072 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014/08/18 17:25:16 | 000,707,072 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014/08/18 17:25:16 | 000,707,072 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014/08/19 14:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2014/08/19 14:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >

< hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files (x86)\Intertops Poker:MID

< End of report >
10-09-2014 , 08:36 PM
OTL Extras logfile created on: 10/9/2014 8:27:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.79 Gb Total Physical Memory | 3.64 Gb Available Physical Memory | 46.70% Memory free
15.59 Gb Paging File | 11.54 Gb Available in Paging File | 74.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 93.04 Gb Free Space | 39.95% Space Free | Partition Type: NTFS

Computer Name: DANNY-PC | User Name: Danny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083EC3E6-49AB-4294-B086-3A8DE9E25CED}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18A8961B-9576-454B-BB4A-ADE95BB04D40}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C5DCE00-8BF3-4A0F-9397-68673F07FDCF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2196F340-1CC2-4DD9-83DC-C381D309E4A2}" = lport=137 | protocol=17 | dir=in | app=system |
"{29E802EF-73D5-4A22-B9EA-D15D5FDA93D3}" = rport=138 | protocol=17 | dir=out | app=system |
"{34879E4B-9AAD-4469-868A-35BB35F9046D}" = lport=139 | protocol=6 | dir=in | app=system |
"{4E5EDBE5-BBF5-4763-85B4-658335B844C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{5D406916-CEE7-4233-9F85-1C08CAEB086F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61A09031-622B-4800-9AC3-D9FB2522A571}" = lport=138 | protocol=17 | dir=in | app=system |
"{6502231F-CE24-4F31-AB43-851B21CF061B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{74D38A91-6F37-4CF4-870A-A1363E08A9D2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{926C816B-5207-4D72-9483-9B0876A37C34}" = lport=10243 | protocol=6 | dir=in | app=system |
"{98923575-EDD3-4BFD-8274-537BC9D113B3}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{9C676989-7ED1-4274-B9D2-6E1335E8AE7A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9FFAD157-5275-4CB0-8445-1B08700C6C12}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4411DE2-D06F-49E9-8DE3-2151EA23873A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BDCF488B-B214-491F-8FDD-F79002D5A03D}" = rport=445 | protocol=6 | dir=out | app=system |
"{BEE5C4DA-EE6A-435D-91AD-44DDACF605A7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C585162A-9D3E-4652-96A7-5CF3DE1C038A}" = rport=139 | protocol=6 | dir=out | app=system |
"{C792DC75-AB7F-423E-8762-26B9DB569B10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CAD13884-A7CB-4487-A816-C791F6215AC3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D7AD99AD-0997-499A-9A87-9CB1BBD54984}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{DACFDA9F-B690-4F66-9EA2-0144318FB4F8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{FF300EC0-5417-4E83-A6A8-6AB5297C2364}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030458AD-C599-40FC-A932-C522C51FF4B2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03118C66-C380-42BE-92A7-C1CF2F2E2C8D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{073F7BF6-6044-4C00-8A96-8A7729CD849E}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{0D845ED1-0B31-4F5E-B46E-98C113BB4676}" = protocol=17 | dir=in | app=c:\users\danny\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{15790F0A-1913-4A67-ABAF-5ED7BFAC2CF5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{181309F1-F136-47FC-A807-BAAA8A818CAE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{25A2BF2A-24B5-4A30-A96A-B4C940040E41}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2BABEB61-9FB9-4EC8-A0E9-2067B70719B7}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{2DF25071-40E7-4B40-B122-FA11A15B30D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{316C8B1C-8C32-4D00-AC58-57EEF8F6A301}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34F6BB99-7776-4C84-A18E-D182DD45FD86}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{360A22E8-BF0D-4CB6-AEF5-BF2534EE8A66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D609B0A-5DE3-4DDE-B2B9-0F35FFF0769D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3E9A3CEF-3A44-4E05-9461-A8A4E6D2065B}" = protocol=17 | dir=in | app=c:\users\danny\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{4CA0C575-2145-4C2A-8EA6-191A4EA2D51D}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{4ED2275D-9C13-4AD5-8AD8-A498C3613C0C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{58F5BDFC-E48A-472C-812F-F0DB37EB17EF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{5B46A762-B892-4152-B327-76DCEB45E23B}" = protocol=6 | dir=out | app=system |
"{5D5A840E-3A8A-40F8-BE40-41D3F1C8F2C9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{619DC6DE-0A7F-44D0-9E63-B527C6B853B8}" = protocol=6 | dir=in | app=c:\program files (x86)\intertops poker\pokerclient.exe |
"{689F8C54-8573-4078-A55F-999C062B96C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DAAED93-6CD0-44A3-85D9-C7388D895E16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7086D3BC-268C-486F-BD10-E8C7B9162D23}" = protocol=6 | dir=in | app=c:\users\danny\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{71293256-506D-4076-9F18-83AC623ADFE2}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{718FD365-C1E1-40C7-A9F0-C6E5A7CFA283}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75A13D9D-3B01-4B81-B2BD-4EA6C8DD3391}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{77D4A0E3-38B3-47B0-8FAB-5AE259650FFB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F15CF6A-DE89-42B9-84F5-FE76712CBDE9}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{861E535A-E1B5-46A6-BDC1-F20078827991}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{891150E7-BD5E-4EDB-AEB1-984ABA646D8B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9058ECDA-45F7-4442-84C6-75ECA3FA37B5}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{ACF41044-3983-4053-AF1E-F64D0313D711}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1D03A84-9868-4644-8D6C-36CFC7A2BA10}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{B41B8E14-D6FC-4E2D-96BD-B1C5B2ED81F0}" = protocol=6 | dir=in | app=c:\program files (x86)\intertops poker\pokerclient.exe |
"{B8AB1C79-C83C-4FBA-8155-D38758C24995}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{B91C5D80-14A9-4658-BBAB-8EBA4232E9F4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA086C08-97B6-4D37-8D8C-D92ABDFF1606}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BC6869B0-3522-4643-8DD3-82FABD3379F7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BE6B48C8-D3E8-4FC4-980A-4A437B13DD11}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C329BFC5-9DAF-452E-BE93-5926614066BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C394DF0D-E661-4AE5-9082-14F3320451E8}" = protocol=17 | dir=in | app=c:\program files (x86)\intertops poker\pokerclient.exe |
"{CD4BA9E3-8AC1-4E48-9512-9364699E21CE}" = protocol=6 | dir=in | app=c:\users\danny\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CF4AA02B-46C6-4831-94CB-D7149412E3B2}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{DC008A39-85F3-49FE-8F3E-E1729D2B7D17}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{EAA1F849-CA22-49B8-A041-B5568DB54C13}" = protocol=17 | dir=in | app=c:\program files (x86)\intertops poker\pokerclient.exe |
"{EB97B43A-50AC-47E7-9FF2-A316CB0A4F0F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F0D720AD-D942-4118-B80A-67A688475790}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{F174E03E-E0AD-4A07-82A0-0B57B006FA48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F8E79ACF-B939-4765-AD23-40638E95435E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FB5EEE8C-4443-4F64-B977-2E50D28FA67E}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{972E0F1B-BF44-4E87-9489-5260DAE89FD0}C:\program files (x86)\pacificpoker\bin\poker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pacificpoker\bin\poker.exe |
"UDP Query User{7FCD16BC-77B0-4A8B-A458-CCAA69D5A684}C:\program files (x86)\pacificpoker\bin\poker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pacificpoker\bin\poker.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL
"HoldemManager" = Holdem Manager
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft Security Client" = Microsoft Security Essentials
"NetWorx_is1" = NetWorx 5.2.9
"NVIDIA Drivers" = NVIDIA Drivers
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.8.2
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{240AED60-1548-49C6-AB90-C069C1807A57}" = TableNinja
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{45F34E54-DAD9-405B-A4F6-B12B0A46B984}" = Camtasia Studio 8
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}" = OpenOffice 4.0.0
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8127AADE-F5CF-4E42-ABC9-2CDCA9D2FD66}" = TableNinja
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}" = Google Talk Plugin
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5Dimes Open Waters 8.2" = 5Dimes Open Waters 8.2
"888poker" = 888poker
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Asus Screensaver" = Asus Screensaver
"FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82" = BlackChipPoker
"Google Chrome" = Google Chrome
"HoldemManager2" = Holdem Manager 2
"InstallShield_{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader
"Intertops Poker" = Intertops Poker
"iSkysoft iTube Studio_is1" = iSkysoft iTube Studio(Build 4.2.1.1)
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA.Updatus" = NVIDIA Updatus
"Poker - Espacejeux " = Poker - Espacejeux
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"TeamViewer 9" = TeamViewer 9
"Titan Poker" = Titan Poker
"VLC media player" = VLC media player 2.0.8
"Winamp" = Winamp
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AIM" = AIM for Windows
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/9/2014 7:43:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1df0 Faulting application start time: 0x01cfe41ac6978877 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 169435c5-500e-11e4-bb5c-20cf301711b9

Error - 10/9/2014 7:48:46 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1df8 Faulting application start time: 0x01cfe41b79683ace Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: cec2bbea-500e-11e4-bb5c-20cf301711b9

Error - 10/9/2014 7:53:36 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x11b0 Faulting application start time: 0x01cfe41c2c3877f4 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 7b9dc50b-500f-11e4-bb5c-20cf301711b9

Error - 10/9/2014 7:58:36 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1700 Faulting application start time: 0x01cfe41cdf088e09 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 2e6ddb20-5010-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:03:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x260 Faulting application start time: 0x01cfe41d91d94060 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: e1d614bf-5010-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:08:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1f9c Faulting application start time: 0x01cfe41e44a9a497 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 94a678f5-5011-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:13:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1984 Faulting application start time: 0x01cfe41ef779939b Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 47757d97-5012-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:18:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1fb8 Faulting application start time: 0x01cfe41faa49f7d2 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: fa4879e7-5012-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:23:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x177c Faulting application start time: 0x01cfe4205d1a5c08 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: ad17cca9-5013-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:28:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1bf4 Faulting application start time: 0x01cfe4210feac03e Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 5fe571b5-5014-11e4-bb5c-20cf301711b9

Error - 10/9/2014 8:33:37 PM | Computer Name = Danny-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SDUpdate.exe, version: 2.4.40.94, time
stamp: 0x53ad3eee Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409,
time stamp: 0x53159a86 Exception code: 0x0eedfade Fault offset: 0x0000c42d Faulting
process id: 0x1c54 Faulting application start time: 0x01cfe421c2bb2474 Faulting application
path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 12b6c04e-5015-11e4-bb5c-20cf301711b9

[ System Events ]
Error - 10/9/2014 12:06:33 AM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053

Error - 10/9/2014 10:57:09 AM | Computer Name = Danny-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 10/9/2014 10:57:47 AM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
2 Scanner Service service to connect.

Error - 10/9/2014 10:57:47 AM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053

Error - 10/9/2014 1:06:40 PM | Computer Name = Danny-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 10/9/2014 1:07:17 PM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
2 Scanner Service service to connect.

Error - 10/9/2014 1:07:17 PM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053

Error - 10/9/2014 1:48:02 PM | Computer Name = Danny-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 10/9/2014 1:48:37 PM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
2 Scanner Service service to connect.

Error - 10/9/2014 1:48:37 PM | Computer Name = Danny-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
following error: %%1053


< End of report >
10-10-2014 , 03:21 AM
The century during which Spybot S&D was good ended more than 14 years ago. If you want something besides MSE, I suggest you use Malwarebytes.

Run OTL again and in the custom scans/fixes field, copy the following:
Code:
:files
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saamazon@mybrowserbar.com.xpi
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saebay@mybrowserbar.com.xpi
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi

:otl
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Calculator] C:\Windows\winfaith1.exe (IBuster)
O4 - HKLM..\Run: [Calculator2] C:\Windows\winfaith1.exe (IBuster)
O4 - HKLM..\Run: [Notepad] C:\Windows\winfaith3.exe ()
O4 - HKLM..\Run: [Notepad2] C:\Windows\winfaith3.exe ()
O4 - HKCU..\Run: [CPN Notifier] C:\Program Files (x86)\Intertops Poker\PokerNotifier.exe File not found
Click Run Fix.
Post the log here

After that your problems should be over.
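Added example, not part of the original post and not OTL's own logic: a small triage pass over the O4 (Run key) lines from the fix script above, flagging the traits that make those entries stand out. The flag names, the KNOWN_TOOLS table, and the ExampleTray line are assumptions made for this illustration.

```python
import ntpath
import re
from collections import Counter

# O4 lines exactly as they appear in the fix script above.
PAGE_LINES = [
    r"O4 - HKLM..\Run: [Calculator] C:\Windows\winfaith1.exe (IBuster)",
    r"O4 - HKLM..\Run: [Calculator2] C:\Windows\winfaith1.exe (IBuster)",
    r"O4 - HKLM..\Run: [Notepad] C:\Windows\winfaith3.exe ()",
    r"O4 - HKLM..\Run: [Notepad2] C:\Windows\winfaith3.exe ()",
    r"O4 - HKCU..\Run: [CPN Notifier] C:\Program Files (x86)\Intertops Poker\PokerNotifier.exe File not found",
]
# Constructed benign entry for contrast (hypothetical, not from the log).
CONSTRUCTED_LINES = [
    r"O4 - HKLM..\Run: [ExampleTray] C:\Program Files\ExampleVendor\tray.exe (Example Vendor Inc.)",
]
SAMPLE_LINES = PAGE_LINES + CONSTRUCTED_LINES

# Windows accessory names and the binaries that really implement them.
# A Run value borrowing one of these names for a different image is suspect.
KNOWN_TOOLS = {"calculator": "calc.exe", "notepad": "notepad.exe"}

# The optional ":64bit:" prefix mirrors the "O3:64bit:" line in the fix script;
# that O4 lines use the same form is an assumption.
O4_RE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>HKLM|HKCU)\.\.\\Run: "
    r"\[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?\.exe)"
    r"(?: \((?P<company>[^)]*)\)| (?P<missing>File not found))?\s*$",
    re.IGNORECASE,
)


def parse_o4(line):
    """Split one O4 Run line into hive, value name, image path and publisher."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    return {
        "hive": m["hive"],
        "name": m["name"],
        "path": m["path"],
        "company": m["company"],          # None when no "(...)" field is present
        "missing": m["missing"] is not None,
    }


def triage(lines):
    """Return (entry, flags) pairs; unparseable lines are skipped."""
    entries = [e for e in map(parse_o4, lines) if e]
    targets = Counter(e["path"].lower() for e in entries)
    results = []
    for e in entries:
        flags = []
        # "Calculator2" and "Notepad2" reduce to the same borrowed name.
        base = re.sub(r"\d+$", "", e["name"]).strip().lower()
        expected = KNOWN_TOOLS.get(base)
        if expected and ntpath.basename(e["path"]).lower() != expected:
            flags.append("name-mismatch")
        if e["company"] == "":            # "()" = file carries no company name
            flags.append("no-publisher")
        if e["missing"]:                  # autorun pointing at a deleted file
            flags.append("target-missing")
        if targets[e["path"].lower()] > 1:
            flags.append("duplicate-target")
        results.append((e, flags))
    return results


if __name__ == "__main__":
    for entry, flags in triage(SAMPLE_LINES):
        print(f'{entry["hive"]} [{entry["name"]}] {entry["path"]} -> {flags or "ok"}')
```

A flag is a reason to look closer, not a verdict: "target-missing" here is just a leftover from an uninstalled notifier.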
10-10-2014 , 10:23 AM
========== FILES ==========
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saamazon@mybrowserbar.com.xpi moved successfully.
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\saebay@mybrowserbar.com.xpi moved successfully.
C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\wl324c8p.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi moved successfully.
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Calculator deleted successfully.
C:\Windows\winfaith1.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Calculator2 deleted successfully.
File C:\Windows\winfaith1.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Notepad deleted successfully.
C:\Windows\winfaith3.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Notepad2 deleted successfully.
File C:\Windows\winfaith3.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CPN Notifier deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10102014_102308
10-10-2014 , 10:31 AM
Cool

How is your comp running now?
10-10-2014 , 11:22 AM
I no longer see those 2 popups when I start Windows 7 now.


Can you tell me what those 2 processes were? I'm sure I downloaded it through some program that it then downloaded too, right? Like when you download something like Winamp, then if you install all, it installs stuff you don't want too?


Could this be the reason that my laptop is really slow? Any chance it could be a reason why my tables lag a lot when playing on PokerStars with HEM2 and TN1? I can't verify it now b/c I'm back in the USA and thus can't play on Stars and test it out.
10-10-2014 , 12:12 PM
Laptop is asus u45jc-a1. I had this laptop for many years already, like it b/c its small and thin type and 14.1. Laptop is slow when playing many tables with hem2 and tn1.


However, the bigger issue i have with this is last year i noticed that when i first bought a new hp 24' monitor with 1920x1200 resolution, it would randomly go to sleep. Issue with this is when im playing many tables, once this happens, i sit out every table and then it takes 90 seconds or so before i can fix it. I would have to wait till my computer's power goes off. Then i click power button then it would resume windows.


At first i thought this was my new HP monitor. The thing is after some time, this rarely happened. But when it does, it would happen few times a day, it could be once every hour but rarely would go black more than a few times a day. Sometimes it would go black, then go back to normal then go black again after 20 minutes. Some days it wouldn't happen even once but its rare. Note my laptop is on all day.


It wasn't until i came back to the usa and used my dell 2007fp monitor that i noticed i had the same issue. It would randomly turn off and only way to turn back on was to wait like 90 seconds for computer to turn off, then click power to resume windows. Note previously what i did when this happened was hold the power button and wait and release. What of course happened was the laptop would turn off then powering it on again... it would show starting windows instead of resuming windows so i never did this ever again. So at this point, i figure it cannot be the monitor then. I then tested another monitor this time an acer one but this laptop is many years old... same issue.


Does that mean this is 100 percent my laptop? The HP monitor, which I bought brand new, had this issue. I googled hp monitor going to sleep and many ppl who have an HP monitor say a similar thing, so I figure it's the monitor. Then I used an old dell 2007fp and same issue, then the acer one, same issue, so this isn't a coincidence, right?


Someone in a forum told me this has to be a driver issue. The thing is I tried to update my driver, but what happened many times was that the driver installed but every time the computer restarted it would never start up and would be stuck. I tried every way possible and had the same issue. I then read it has to do with the driver I have. Does anyone know what I can do to fix this issue? Someone else said my video card could be broken? Again, this issue is very annoying, especially when 20-plus tabling poker. So basically I had to play on a small laptop screen instead of connecting it to any monitor because of this.


One other thing i want to mention is hp monitor when it does this, it would say on screen monitor goes to sleep. But my dell fp 2007 or acer one, theres no message, it would just go to sleep.


Thoughts?
10-10-2014 , 01:47 PM
Someone suggested I download BatteryBar and post the stats.



Laptop battery without charger currently plugged in with BATTERYBAR shows


Percent: 28.2%

Capacity: 17,085 mWh of 61,185 mWh

Discharge Rate: -14370 mW

Battery: 0:45 Discharging

Elapsed Time: 0:03 since 28.2%

Full Time: 3:04

Battery Wear: 27.2% of 84,000 mWH




Anyone know what these numbers mean? Is there any indication here that something is wrong with the battery? I had this laptop since 2010 so from what i read online, it having 27 percent battery wear all these years isn't that bad right? The thing however is majority of me using a lot of it was in the last year. When i first got it, i rarely used it much b/c i used my desktop.
10-10-2014 , 02:51 PM
No idea what those processes were. OTL has created a directory for moved files, I think C:\_OTL or something. You can look them up and submit to www.virustotal.com (winfaith1.exe and winfaith3.exe)

It is very well possible those processes slowed down your computer. What also does not help is all the ASUS bloatware, the Yahoo Messenger bloatware and the Spybot S&D.
10-10-2014 , 03:11 PM
How would I remove the ASUS and Yahoo Messenger bloatware?
10-10-2014 , 03:30 PM
So you are saying to remove Spybot, just uninstall it, right? And I recall you said to install Malwarebytes?


The only antivirus I have on the computer is the microsoft essentials because I read that's the only thing I need. So keep essentials and download Malwarebytes?
10-10-2014 , 04:14 PM
That would be fine.

MBAM does not provide real-time protection, but it is an excellent on-demand scanner to run 1/month.

I have no idea which of the Asus stuff you can get rid of without missing out on actually useful functionality. Trying to google a bit might help here.

Yahoo messenger is in your installed programs. If you use it to chat, well that's OK. I would still get rid of it and go for a universal chat client like pidgin that does not come with neigh uninstallable toolbars
10-10-2014 , 04:48 PM
When I reinstalled Windows 7 with my ASUS CD, I basically installed everything that is needed according to one website on notebookforum where someone posted which you should add and which you shouldn't add, etc.

I can remove Yahoo Messenger, no big deal. However, I don't use it that much, so I can't imagine that could be a reason.

I have another thing that I thought about because someone else mentioned this when I had a battery issue with my laptop.

Last year when I had a friend replace my 7200 rpm hard drive with the Samsung 250GB SSD, I recall he just took the old hard drive out and then put the new one in without an issue. I had to make sure the laptop SSD was installed before going to Canada from the USA. When I got to Canada, my laptop couldn't turn on. I then went to a computer store and the person found out the reason was b/c my SSD was pretty loose and wasn't installed securely enough. Does that make sense? He then used some stuff like a cushion that wrapped around the SSD a bit, then tested my laptop, and then it powered on.

I assume that should have zero effect on the speed of my i3 laptop? Another thing I thought about: could it be because the inside of my laptop is dirty and I have to clean it? Someone a while back said you need to clean it with some stuff because there could be dirt there. Could that be a cause of the slowness, or is that not possible? There isn't usually any fan sound in my laptop, but it will make some sound when the CPU is at 100 percent or close to it.
10-10-2014 , 04:55 PM
I am not the right person to answer those hardware questions.
10-10-2014 , 07:26 PM
27% battery wear is still not bad. One time I was stupidly playing games on my laptop without the AC charger plugged in, and in 1 year I had 50% battery wear. At the time I didn't know a quick drain can damage the battery.
10-10-2014 , 07:28 PM
Hmm, it seems like you're posting a lot about your laptop. Maybe it's time for a new one.
10-10-2014 , 07:46 PM
What do you mean by that? You mean you played games on the laptop on battery, then once it was at 5 percent or so, you plugged in the charger, then once it was back to 100 percent you went back to unplugging the charger?
10-10-2014 , 10:00 PM
Go into your power management (looks like a battery) and adjust your sleep time.

Folks, a lot of people are not computer savvy, or good with BBS.
10-10-2014 , 11:31 PM
Yes, I did that already. There isn't any sleeping on my laptop and no hibernation, and I made sure everything is set to do nothing when the lid is closed and all of that...
10-11-2014 , 12:33 PM
Quote:
Originally Posted by PaulyJames200x
Last year when I had a friend replace my 7200 rpm hard drive with the Samsung 250GB SSD, I recall he just took the old hard drive out and then put the new one in without an issue. I had to make sure the laptop SSD was installed before going to Canada from the USA. When I got to Canada, my laptop couldn't turn on. I then went to a computer store and the person found out the reason was b/c my SSD was pretty loose and wasn't installed securely enough. Does that make sense? He then used some stuff like a cushion that wrapped around the SSD a bit, then tested my laptop, and then it powered on.

I assume that should have zero effect on the speed of my i3 laptop? Another thing I thought about: could it be because the inside of my laptop is dirty and I have to clean it? Someone a while back said you need to clean it with some stuff because there could be dirt there. Could that be a cause of the slowness, or is that not possible? There isn't usually any fan sound in my laptop, but it will make some sound when the CPU is at 100 percent or close to it.

250GB Samsung SSD, you say - let me guess, Samsung 840 EVO or Samsung 840?

Most of the Samsung 840s come in that size.

Could be a firmware bug that is causing read operations to slow to a crawl; it would fit the profile of the SSD trying to read Windows OS files on old blocks of NAND. Samsung is working on a fix (due October 15).

If not an 840/840 EVO, disregard everything I just said.

http://www.anandtech.com/show/8550/s...-is-on-the-way

Also, I'm not some Samsung 840 EVO hater, just throwing out a possible cause.