Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with keylogger that blocks installation of programs


  • This topic is locked This topic is locked
14 replies to this topic

#1 dahue

dahue

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 15 June 2014 - 10:29 AM

I think I have a key logger on my computer that I cannot remove.  The symptoms are input lag from the keyboard when ever typing and also installation of new programs is blocked.  Usually the installation will just before it is complete.  If I boot into safe mode I have none of these problems.  I have run scans with Norton 360, Malwarebytes, spybot, and super antispyware none of them detected anything.  Finally I am new to this forum so please forgive any breach in etiquette.  Anything you can do to help would be much appreciated.  Thank you
 
 DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7601.18472  BrowserJavaVersion: 10.55.2
Run by Chris at 10:18:33 on 2014-06-15
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16346.14347 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
F:\Hamachi\hamachi-2.exe
F:\Hamachi\LMIGuardianSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Downloads\Norton\{N360P213012-SHPD-FSD40014}\NortonN360Downloader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Downloads\Norton\{N360P213012-SHPD-FSD40014}\N360-PremierUpgradeESDND-21.3.0.12-EN.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.default-search.net?sid=492&aid=205&itype=n&ver=12565&tm=378&src=hmp
uProxyServer = localhost:8080
BHO: Ant.com browser helper (video detector): {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll
TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\CoIEPlg.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [OpenHardwareMonitor] F:\OpenHardwareMonitor\OpenHardwareMonitor.exe
uRun: [Norton Download Manager{N360P213012-SHPD-FSD40014}] C:\Users\Public\Downloads\Norton\{N360P213012-SHPD-FSD40014}\NortonN360Downloader.exe /m
mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "F:\Hamachi\hamachi-2-ui.exe" --auto-start
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://eagent.farmersinsurance.com/PLA/eAgent/eAutoTwoE/commonActiveX/smsx.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {BE8EEE38-A7C5-4674-A6C4-C2D7421FDD10} - hxxps://bie.farmersinsurance.com/prweb/PRServletLDAP1/8gYJ4DHQrCXUTefMjim_tw%5B%5B*/prvisiointerface.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{6E6DC568-ACE0-44E4-A01C-3403B35F2249} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {BDB786AF-6DFE-427F-9BAC-7291CA9F5A1B} - Msiexec.exe /fpum {BDB786AF-6DFE-427F-9BAC-7291CA9F5A1B} /qn
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\CoIEPlg.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\CoIEPlg.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
x64-Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
x64-Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8pngxx4r.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-9-30 302120]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-9-18 15936]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;F:\Hamachi\hamachi-2.exe -s --> F:\Hamachi\hamachi-2.exe -s [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-2-8 39936]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-2-8 64512]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-9-18 471144]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-9-18 112640]
S0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1503000.00C\SymDS64.sys [2014-6-15 493656]
S0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1503000.00C\SymEFA64.sys [2014-6-15 1148120]
S1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-6-15 1526488]
S1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1503000.00C\ccSetx64.sys [2014-6-15 162392]
S1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140224.002\IDSviA64.sys [2014-6-15 524504]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1503000.00C\Ironx64.sys [2014-6-15 264280]
S1 SYMNETS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1503000.00C\symnets.sys [2014-6-15 593112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
S2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-18 161560]
S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [2014-6-15 265040]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-15 1618888]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-15 21009352]
S2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe [2013-5-9 239616]
S2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2012-2-15 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-5-16 413128]
S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
S2 Update Greener Web;Update Greener Web;"C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" --> C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe [?]
S2 XMouseButton Launcher;XMouseButton Launcher;F:\Xbutton Mouse Control\XMouseButtonSvc.exe [2012-6-23 87040]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2014-6-10 32320]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-9-18 32344]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-7 19744]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-7 40392]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-14 19456]
S3 RTCore64;RTCore64;F:\EVGA Precision X\RTCore64.sys [2013-7-17 15176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-22 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-14 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-21 1255736]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2012-9-18 34752]
.
=============== Created Last 30 ================
.
2014-06-15 12:33:43 -------- d-sh--w- C:\$RECYCLE.BIN
2014-06-14 23:00:40 98816 ----a-w- C:\Windows\sed.exe
2014-06-14 23:00:40 256000 ----a-w- C:\Windows\PEV.exe
2014-06-14 23:00:40 208896 ----a-w- C:\Windows\MBR.exe
2014-06-14 16:51:50 -------- d-----w- C:\Users\Chris\AppData\Roaming\Settings Manager
2014-06-14 16:51:50 -------- d-----w- C:\Program Files (x86)\Settings Manager
2014-06-14 16:51:48 -------- d-----w- C:\ProgramData\systemk
2014-06-14 07:40:39 -------- d-----w- C:\Program Files\Enigma Software Group
2014-06-14 07:40:22 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-14 07:28:35 -------- d-----w- C:\ProgramData\boost_interprocess
2014-06-14 07:28:19 48656 ----a-w- C:\Windows\System32\drivers\asd2fsm.sys
2014-06-14 07:28:18 -------- d-----w- C:\ProgramData\Anvisoft
2014-06-14 07:25:07 81920 ----a-w- C:\Windows\eSellerateControl350.dll
2014-06-14 07:25:07 356352 ----a-w- C:\Windows\eSellerateEngine.dll
2014-06-14 07:25:07 274432 ----a-w- C:\Windows\SysWow64\ssleay32.dll
2014-06-14 07:25:07 1122304 ----a-w- C:\Windows\SysWow64\libeay32.dll
2014-06-14 05:13:52 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-06-14 05:13:28 -------- d-----w- C:\AdwCleaner
2014-06-14 05:09:38 -------- d-----w- C:\Program Files (x86)\ESET
2014-06-14 04:34:33 -------- d-----w- C:\ProgramData\SecTaskMan
2014-06-14 04:28:17 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-14 04:28:09 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-14 04:28:09 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-14 04:28:09 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-14 04:21:24 -------- d-----w- C:\ProgramData\RogueKiller
2014-06-14 04:12:21 388096 ----a-r- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-06-14 00:20:20 -------- d-----w- C:\Program Files\CCleaner
2014-06-14 00:19:49 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-13 23:56:39 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-13 04:50:31 -------- d-----w- C:\NPE
2014-06-13 04:48:52 -------- d-----w- C:\Users\Chris\AppData\Local\NPE
2014-06-11 23:26:43 -------- d-----w- C:\SUPERDelete
2014-06-11 23:17:35 -------- d-----w- C:\Users\Chris\AppData\Roaming\GitHub
2014-06-11 23:17:35 -------- d-----w- C:\Users\Chris\AppData\Local\GitHub
2014-06-11 23:16:51 -------- d-----w- C:\Users\Chris\AppData\Local\Deployment
2014-06-11 23:16:51 -------- d-----w- C:\Users\Chris\AppData\Local\Apps
2014-06-10 05:47:51 32320 ----a-w- C:\Windows\System32\drivers\FNETTBOH_305.SYS
2014-06-06 04:01:45 -------- d-----w- C:\ProgramData\Stardock
2014-06-06 04:01:45 -------- d-----w- C:\ProgramData\Ironclad Games
2014-05-31 06:07:26 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2014-05-31 06:07:26 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2014-05-31 06:07:26 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2014-05-31 06:07:26 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2014-05-31 06:07:26 -------- d-----w- C:\Program Files (x86)\OpenAL
2014-05-29 12:32:14 80384 ----a-w- C:\Windows\System32\RazerCoinstaller.dll
2014-05-29 02:03:02 47632 ----a-w- C:\Windows\System32\drivers\asdids.sys
2014-05-17 04:53:35 601432 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M  ====================
.
2014-06-15 12:58:44 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-06-15 12:25:56 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2014-06-15 12:25:55 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
2014-05-27 23:53:07 1188864 ----a-w- C:\Windows\System32\wininet.dll
2014-05-27 23:50:48 47616 ----a-w- C:\Windows\System32\mshta.exe
2014-05-27 23:50:38 174592 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-27 23:50:11 1538048 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-27 23:49:16 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-27 23:46:54 50176 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-05-27 23:46:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-27 23:46:15 1466368 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-27 21:04:18 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-27 20:40:10 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 01:55:30 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 01:55:30 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-30 18:29:25 1081112 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-04-30 18:29:03 1225920 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-15 01:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-11 15:34:34 686384 ----a-w- C:\Windows\System32\eed_sl.exe
2014-04-11 15:34:34 3112960 ----a-w- C:\Windows\System32\eed_ec.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-01 03:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 03:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-31 16:42:44 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-03-31 16:42:42 37320 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-03-31 16:42:40 34760 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-03-27 02:11:04 6768584 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-27 02:11:04 3512664 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-27 02:11:02 927520 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-27 02:11:02 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-27 02:11:02 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-03-24 10:31:38 3683457 ----a-w- C:\Windows\System32\nvcoproc.bin
.
============= FINISH: 10:18:39.92 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/18/2012 10:52:37 PM
System Uptime: 6/15/2014 7:48:26 AM (3 hours ago)
.
Motherboard: ASRock | | P67 Extreme4 Gen3
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz | CPUSocket | 3392/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 11.892 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 37 GiB total, 7.652 GiB free.
F: is FIXED (NTFS) - 932 GiB total, 457.411 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP179: 6/12/2014 11:57:34 PM - Norton_Power_Eraser_20140612235734270
RP180: 6/13/2014 11:12:16 PM - Installed HiJackThis
RP181: 6/14/2014 2:28:30 AM - Device Driver Package Install: Anvisoft Network Service
RP182: 6/14/2014 2:40:24 AM - Installed SpyHunter
RP183: 6/14/2014 5:42:25 PM - Removed SpyHunter
.
==== Installed Programs ======================
.
Absolute Key Logger Removal Tool
Acrobat.com
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.10)
Adobe Shockwave Player 11.6
Anno 2070
Ant.com IE add-on
Antichamber
ASRock eXtreme Tuner v0.1.210
ASRock InstantBoot v1.26
ASRock SmartConnect v1.0.6
Assassin's Creed IV Black Flag
Assassin's Creed® III v1.02
Assassin’s Creed® III
Banished
Battle.net
BioShock Infinite
BitTorrent
CameraHelperMsi
CCleaner
CCVI Driver x64
Chivalry: Medieval Warfare
Common Desktop Agent
CPUID CPU-Z 1.69.2
CPUID HWMonitor 1.25
Crusader Kings II
Crysis 2 Maximum Edition
Cube World version 0.0.1
Darksiders II
Deadpool
Diablo III
Dungeon Keeper 2
Dungeon Keeper Gold
Dust: An Elysian Tail
Endless Space
erLT
ESET Online Scanner v3
Etron USB3.0 Host Controller
EVGA OC Scanner X 3.4.0 (64-bit)
EVGA Precision X 4.2.1
Evil Genius
Fallout
Fallout 2
Fallout Tactics
Fan Control Software
FTL: Faster Than Light
Giana Sisters: Twisted Dreams
Goat Simulator
Godus
GOG.com Downloader version 3.6.0
GOG.com Dungeon Keeper 2
Google Chrome
Google Earth
Google Update Helper
Guacamelee! Gold Edition
Guns of Icarus Online
Hammerwatch
HAWKEN
Hearthstone
HiJackThis
Intel® Management Engine Components
Intel® Smart Connect Technology 2.0 x64
Intel® Trusted Connect Service Client
Java 7 Update 55
Java 7 Update 7 (64-bit)
Java Auto Updater
Just Cause 2
Kenshi
Kerbal Space Program
L.A. Noire
Logitech Harmony Remote Software 7
Logitech Vid HD
Logitech Webcam Software
LogMeIn Hamachi
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 2.0.2.1012
marvell 91xx driver
MechWarrior Online
Microsoft .NET Framework 4.5.1
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 4.0 Refresh
Monaco
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 2.3.1
My Game Long Name
Neverwinter
Neverwinter Nights 2 Complete
Norton 360
Notepad++
NVIDIA 3D Vision Controller Driver 337.50
NVIDIA 3D Vision Driver 337.50
NVIDIA Control Panel 337.50
NVIDIA GeForce Experience 2.0.1
NVIDIA Graphics Driver 337.50
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.1220
NVIDIA ShadowPlay 12.4.67
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 12.4.67
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
OpenAL
Path of Exile
PAYDAY 2
Pinnacle Game Profiler
Plague Inc: Evolved
PlanetSide 2 Beta
Prison Architect
PunkBuster Services
Quantum Conundrum
Razer Synapse 2.0
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Remote Control USB Driver
RivaTuner Statistics Server 5.2.0
Rockstar Games Social Club
RollerCoaster Tycoon 3: Platinum!
Saints Row IV
Saitek NT Controller Drivers
Samsung CLX-3300 Series
Samsung Easy Document Creator
Samsung Easy Printer Manager
Samsung Network PC Fax
Samsung OCR Software
Samsung Printer Live Update
Samsung Scan Process Machine
Security Task Manager 1.8g
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Shadowrun Returns
SHIELD Streaming
Sid Meier's Civilization V
SimCity 4 Deluxe
Sins of a Solar Empire: Rebellion
Skype™ 5.10
Sleeping Dogs™
Smart Technology Programming Software 7.0.27.13
Sniper Elite
Sniper Elite V2
SNS Upload for Easy Document Creator
Source SDK
Source SDK Base 2006
Source SDK Base 2007
Space Colony HD
Space Engineers
Spacebase DF-9
SpeedFan (remove only)
Star Trek Online
Star Wars - Battlefront II
Star Wars - Jedi Knight II: Jedi Outcast
Star Wars Jedi Knight: Jedi Academy
Star Wars Republic Commando
Star Wars Starfighter
Star Wars: Empire at War Gold
Star Wars: The Force Unleashed Ultimate Sith Edition
Starbound
StarCitizen
State of Decay
Steam
SteamTool 1.1
SUPERAntiSpyware
Surgeon Simulator 2013
swMSM
Take On Mars
TeamSpeak 3 Client
TechPowerUp GPU-Z
The Elder Scrolls V: Skyrim
The Swapper
Thief Gold
THX TruStudio
Tomb Raider
Uncharted Waters Online
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Uplay
Ventrilo Client for Windows x64
Visual C++ 2008 Runtime (x64)
VLC media player 2.0.3
War Thunder
WildStar
Windows Live ID Sign-in Assistant
WinRAR 4.20 (64-bit)
X-COM: UFO Defense
X-Mouse Button Control 2.5
XCOM: Enemy Unknown
XFast LAN v6.61
XFastUSB
.
==== Event Viewer Messages From Past Week ========
.
6/15/2014 7:54:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
6/15/2014 7:48:48 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/15/2014 7:48:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/15/2014 7:48:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/15/2014 7:48:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/15/2014 7:48:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/15/2014 7:48:36 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr Wanarpv6
6/15/2014 7:32:40 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/15/2014 7:27:57 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
6/15/2014 7:26:02 AM, Error: Service Control Manager [7034] - The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
6/15/2014 7:25:56 AM, Error: Service Control Manager [7000] - The Update Greener Web service failed to start due to the following error: The system cannot find the file specified.
6/14/2014 9:09:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache eeCtrl SASDIFSV SASKUTIL spldr Wanarpv6
6/14/2014 8:57:21 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:55:57 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/14/2014 8:53:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
6/14/2014 8:50:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/14/2014 8:50:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/14/2014 8:50:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cFosSpeed DfsC discache eeCtrl NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx Wanarpv6 WfpLwf ws2ifsl
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/14/2014 8:50:11 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/14/2014 8:37:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
6/14/2014 8:33:56 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 cFosSpeed DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf ws2ifsl
6/14/2014 5:55:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 SASDIFSV SASKUTIL spldr SRTSPX SymIRON SymNetS Wanarpv6
6/14/2014 5:46:51 PM, Error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
6/14/2014 5:46:33 PM, Error: Service Control Manager [7031] - The Util Greener Web service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/14/2014 5:46:33 PM, Error: Service Control Manager [7031] - The Update Greener Web service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/14/2014 2:14:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/14/2014 2:13:57 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 cFosSpeed DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf
6/14/2014 11:50:26 AM, Error: Service Control Manager [7031] - The Samsung Network Fax Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
6/12/2014 11:51:22 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.
6/12/2014 11:51:22 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress.
6/12/2014 11:49:29 PM, Error: Service Control Manager [7030] - The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/12/2014 11:40:27 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 19 June 2014 - 01:26 PM.
Posted Attach.txt


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 19 June 2014 - 01:26 PM

Greetings dahue and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • Attached System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 19 June 2014 - 01:29 PM

Gary,

 

Thank for the help I'll run what you said when I get home from work later today and post it then.



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 19 June 2014 - 01:37 PM

Very good, see you then!
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 19 June 2014 - 10:53 PM

Gary,

 

Here are the logs.  Also I'm no longer experiencing the the keyboard input lag, but have not run any scans or anything so I think the virus my be dormant if that is possible.

 

Frst:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by Chris (administrator) on ERZAN on 19-06-2014 22:44:46
Running from C:\Users\Chris\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Highresolution Enterprises) F:\Xbutton Mouse Control\XMouseButtonSvc.exe
(LogMeIn Inc.) F:\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() F:\EVGA Precision X\EVGAPrecision.exe
() C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Highresolution Enterprises) F:\Xbutton Mouse Control\XMouseButtonControl.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) F:\Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(LogMeIn, Inc.) F:\Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2012-09-18] (FNet Co., Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [336304 2012-10-11] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => F:\Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2113789371-665779158-1179155372-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-2113789371-665779158-1179155372-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-12] (Logitech Inc.)
HKU\S-1-5-21-2113789371-665779158-1179155372-1000\...\Run: [OpenHardwareMonitor] => F:\OpenHardwareMonitor\OpenHardwareMonitor.exe [483328 2012-10-08] ()
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=492&aid=205&itype=n&ver=12565&tm=378&src=hmp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB433EC54B896CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=205&itype=n&ver=12565&tm=378&src=ds&p={searchTerms}
SearchScopes: HKCU - {36CB5085-DB2F-4E41-97A3-5B4C6FFDC3E9} URL = http://searchou.com/?q={searchTerms}&id=d45878f3000000000000bc5ff447286f&r=738
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Ant.com browser helper (video detector) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {1663ed61-23eb-11d2-b92f-008048fdd814} https://eagent.farmersinsurance.com/PLA/eAgent/eAutoTwoE/commonActiveX/smsx.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8pngxx4r.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: anvisoft.com/AdblockPlugin - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8pngxx4r.default\user.js
FF Extension: Ant Video Downloader - C:\Program Files (x86)\Mozilla Firefox\extensions\ant_video_downloader_avec_lecteur_flv_incorpore-2.4.7.8-fx.xpi [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF [2014-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn\ []
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-15]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-15]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-15]
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-15]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-15]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-06-15]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-15]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 Hamachi2Svc; F:\Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4230040 2013-04-14] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S2 PinnacleUpdateSvc; F:\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-29] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-09-17] (Samsung Electronics Co., Ltd.) [File not signed]
R2 XMouseButton Launcher; F:\Xbutton Mouse Control\XMouseButtonSvc.exe [87040 2012-06-23] (Highresolution Enterprises) [File not signed]
S2 Update Greener Web; "C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-14] (Symantec Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-06-10] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-09-18] (FNet Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140224.002\IDSVia64.sys [524504 2014-02-20] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140614.001\ENG64.SYS [126040 2014-06-14] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140614.001\EX64.SYS [2099288 2014-06-14] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTCore64; F:\EVGA Precision X\RTCore64.sys [15176 2013-07-17] ()
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 SRTSP; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-06-19] ()
R3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\Chris\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-19 22:44 - 2014-06-19 22:44 - 00022786 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-06-19 22:44 - 2014-06-19 22:44 - 00000000 ____D () C:\FRST
2014-06-19 22:43 - 2014-06-19 22:43 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-06-19 22:42 - 2014-06-19 22:42 - 02082304 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-06-15 16:04 - 2014-06-15 16:04 - 00000222 _____ () C:\Users\Chris\Desktop\Kerbal Space Program.url
2014-06-15 11:01 - 2014-06-15 16:04 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-15 10:41 - 2014-06-15 10:41 - 00026995 _____ () C:\ComboFix.txt
2014-06-15 10:36 - 2014-06-15 10:41 - 00000000 ____D () C:\ComboFix
2014-06-15 10:18 - 2014-06-15 10:18 - 00022317 _____ () C:\Users\Chris\Desktop\dds.txt
2014-06-15 10:18 - 2014-06-15 10:18 - 00020529 _____ () C:\Users\Chris\Desktop\attach.txt
2014-06-15 07:58 - 2014-06-15 07:58 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-06-15 07:58 - 2014-06-15 07:58 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-06-15 07:36 - 2014-06-15 07:36 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-15 07:36 - 2014-06-15 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-15 07:35 - 2014-06-19 22:43 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 07:35 - 2014-06-19 00:40 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 07:35 - 2014-06-15 07:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-15 07:34 - 2014-06-15 07:34 - 00918672 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeSetup.exe
2014-06-14 20:35 - 2014-06-14 20:35 - 00129227 _____ () C:\Users\Chris\Desktop\bookmarks_6_14_14.html
2014-06-14 18:00 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-14 18:00 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-14 18:00 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-14 18:00 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-14 18:00 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-14 18:00 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-14 18:00 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-14 18:00 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-14 17:57 - 2014-06-15 10:41 - 00000000 ____D () C:\Qoobox
2014-06-14 17:57 - 2014-06-14 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-06-14 17:57 - 2014-06-14 17:57 - 05206928 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Settings Manager
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\ProgramData\systemk
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-14 02:40 - 2014-06-14 17:42 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-14 02:40 - 2014-06-14 02:40 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-14 02:39 - 2014-06-14 02:39 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Chris\Downloads\SpyHunter-Installer.exe
2014-06-14 02:37 - 2014-06-14 11:51 - 03834832 _____ (PC Tools) C:\Users\Chris\Downloads\sdsetup.exe
2014-06-14 02:35 - 2014-06-14 02:36 - 109859096 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\msert.exe
2014-06-14 02:28 - 2014-06-14 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-06-14 02:28 - 2014-06-14 17:41 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-14 02:28 - 2014-06-14 02:28 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-06-14 02:28 - 2014-05-28 21:03 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-06-14 02:26 - 2014-06-14 02:26 - 00368264 _____ (RegNow.com) C:\Users\Chris\Downloads\Download_Anvi-Smart-Defender-2.2-regnow.exe
2014-06-14 02:25 - 2014-06-14 02:25 - 00000870 _____ () C:\Users\Chris\Desktop\Absolute Key Logger Removal Tool.lnk
2014-06-14 02:25 - 2014-06-14 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Key Logger Removal Tool
2014-06-14 02:25 - 2013-11-05 14:38 - 01122304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-06-14 02:25 - 2013-11-05 14:38 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-06-14 02:25 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\Windows\eSellerateEngine.dll
2014-06-14 02:25 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\Windows\eSellerateControl350.dll
2014-06-14 02:23 - 2014-06-14 02:23 - 03249776 _____ (Security Stronghold ) C:\Users\Chris\Downloads\AbsoluteKeyLoggerRemovalTool.exe
2014-06-14 02:23 - 2014-06-14 02:23 - 00929416 _____ (CNET Download.com) C:\Users\Chris\Downloads\cbsidlm-cbsi188-Absolute_Keylogger_Removal_Tool-SEO-75447038.exe
2014-06-14 00:27 - 2014-06-14 11:50 - 00004236 _____ () C:\Users\Chris\Desktop\Rkill.txt
2014-06-14 00:13 - 2014-06-14 02:11 - 00000000 ____D () C:\AdwCleaner
2014-06-14 00:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-14 00:09 - 2014-06-14 00:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-14 00:08 - 2014-06-14 00:08 - 04161050 _____ () C:\Users\Chris\Downloads\tdsskiller (1).zip
2014-06-14 00:08 - 2014-06-05 11:39 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\TDSSKiller.exe
2014-06-14 00:07 - 2014-06-14 00:07 - 04161050 _____ () C:\Users\Chris\Downloads\tdsskiller.zip
2014-06-13 23:38 - 2014-06-19 22:43 - 00002576 _____ () C:\Windows\setupact.log
2014-06-13 23:38 - 2014-06-13 23:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-13 23:34 - 2014-06-13 23:39 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-06-13 23:34 - 2014-06-13 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-06-13 23:28 - 2014-06-13 23:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-13 23:28 - 2014-06-13 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 23:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-13 23:28 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-13 23:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-13 23:21 - 2014-06-13 23:21 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-13 23:14 - 2014-06-19 22:41 - 00365002 _____ () C:\Windows\PFRO.log
2014-06-13 23:12 - 2014-06-13 23:12 - 00002935 _____ () C:\Users\Chris\Desktop\HiJackThis.lnk
2014-06-13 23:12 - 2014-06-13 23:12 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-06-13 20:15 - 2009-06-10 16:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140613-201516.backup
2014-06-13 20:10 - 2014-06-13 20:10 - 00000000 ____D () C:\Users\Chris\Documents\ProcAlyzer Dumps
2014-06-13 19:20 - 2014-06-13 19:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-13 19:19 - 2014-06-13 19:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-13 18:56 - 2014-06-14 20:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-13 01:04 - 2014-06-13 01:04 - 00003128 _____ () C:\Windows\System32\Tasks\{2AF50B2B-230C-4AF0-BAA7-076B46ED8770}
2014-06-13 00:52 - 2014-06-13 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 23:50 - 2014-06-12 23:52 - 00000000 ____D () C:\NPE
2014-06-12 23:48 - 2014-06-12 23:59 - 00000000 ____D () C:\Users\Chris\AppData\Local\NPE
2014-06-12 23:45 - 2014-05-27 18:53 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 12258816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 09079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 02457600 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 01496576 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 23:45 - 2014-05-27 18:52 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 23:45 - 2014-05-27 18:50 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 23:45 - 2014-05-27 18:50 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 23:45 - 2014-05-27 18:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 23:45 - 2014-05-27 18:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 23:45 - 2014-05-27 18:49 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 10992128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 01234432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-12 23:45 - 2014-05-27 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 23:45 - 2014-05-27 18:46 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 23:45 - 2014-05-27 18:46 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 23:45 - 2014-05-27 18:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-12 23:45 - 2014-05-27 18:46 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-12 23:45 - 2014-05-27 16:04 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 23:45 - 2014-05-27 15:40 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 23:45 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 23:45 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 23:45 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 23:45 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 23:45 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 23:45 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 23:45 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 23:45 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 23:45 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 23:45 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 23:45 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 23:45 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 23:45 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 23:45 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 18:26 - 2014-06-11 18:26 - 00000000 ____D () C:\SUPERDelete
2014-06-11 18:17 - 2014-06-12 23:39 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-06-11 18:17 - 2014-06-11 18:20 - 00000000 ____D () C:\Users\Chris\AppData\Local\GitHub
2014-06-11 18:17 - 2014-06-11 18:17 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\GitHub
2014-06-11 18:16 - 2014-06-11 18:17 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2014-06-11 18:16 - 2014-06-11 18:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Apps\2.0
2014-06-10 01:25 - 2014-06-10 01:25 - 00003050 _____ () C:\Windows\System32\Tasks\{7237312F-3D25-4FF0-8563-A22A724FBE1B}
2014-06-10 00:47 - 2014-06-10 00:47 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2014-06-05 23:01 - 2014-06-05 23:01 - 00000000 ____D () C:\ProgramData\Stardock
2014-06-05 23:01 - 2014-06-05 23:01 - 00000000 ____D () C:\ProgramData\Ironclad Games
2014-05-31 01:07 - 2014-05-31 01:07 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-29 07:32 - 2014-05-29 07:32 - 00080384 _____ (Razer Inc) C:\Windows\system32\RazerCoinstaller.dll
2014-05-28 21:03 - 2014-05-28 21:03 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-05-26 16:18 - 2014-05-26 16:18 - 00000076 _____ () C:\Users\Chris\Documents\Kenshi Key.txt
2014-05-20 23:20 - 2014-06-15 10:39 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
 
==================== One Month Modified Files and Folders =======
 
2014-06-19 22:44 - 2014-06-19 22:44 - 00022786 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-06-19 22:44 - 2014-06-19 22:44 - 00000000 ____D () C:\FRST
2014-06-19 22:43 - 2014-06-19 22:43 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-06-19 22:43 - 2014-06-15 07:35 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-19 22:43 - 2014-06-13 23:38 - 00002576 _____ () C:\Windows\setupact.log
2014-06-19 22:43 - 2013-08-16 22:27 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
2014-06-19 22:43 - 2013-06-13 23:47 - 00000000 ____D () C:\Users\Chris\AppData\Local\LogMeIn Hamachi
2014-06-19 22:43 - 2013-01-04 00:58 - 00002954 _____ () C:\Windows\System32\Tasks\AsrXTU
2014-06-19 22:43 - 2013-01-03 20:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-19 22:43 - 2012-09-19 18:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-19 22:43 - 2012-09-18 23:03 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-06-19 22:43 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 22:42 - 2014-06-19 22:42 - 02082304 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-06-19 22:41 - 2014-06-13 23:14 - 00365002 _____ () C:\Windows\PFRO.log
2014-06-19 01:15 - 2012-09-18 22:53 - 01325625 _____ () C:\Windows\WindowsUpdate.log
2014-06-19 01:14 - 2014-03-20 20:14 - 00002976 _____ () C:\Windows\System32\Tasks\EVGAPrecision
2014-06-19 00:55 - 2012-09-19 18:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-19 00:40 - 2014-06-15 07:35 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-18 22:29 - 2009-07-13 23:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 22:29 - 2009-07-13 23:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 22:27 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 16:04 - 2014-06-15 16:04 - 00000222 _____ () C:\Users\Chris\Desktop\Kerbal Space Program.url
2014-06-15 16:04 - 2014-06-15 11:01 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-15 10:41 - 2014-06-15 10:41 - 00026995 _____ () C:\ComboFix.txt
2014-06-15 10:41 - 2014-06-15 10:36 - 00000000 ____D () C:\ComboFix
2014-06-15 10:41 - 2014-06-14 17:57 - 00000000 ____D () C:\Qoobox
2014-06-15 10:40 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-15 10:39 - 2014-05-20 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-06-15 10:35 - 2012-09-19 18:35 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-06-15 10:34 - 2012-09-19 18:32 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-06-15 10:34 - 2012-09-19 18:23 - 00000000 ____D () C:\ProgramData\Norton
2014-06-15 10:18 - 2014-06-15 10:18 - 00022317 _____ () C:\Users\Chris\Desktop\dds.txt
2014-06-15 10:18 - 2014-06-15 10:18 - 00020529 _____ () C:\Users\Chris\Desktop\attach.txt
2014-06-15 07:58 - 2014-06-15 07:58 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-06-15 07:58 - 2014-06-15 07:58 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-15 07:58 - 2014-06-15 07:58 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-06-15 07:54 - 2012-09-19 18:32 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-15 07:39 - 2012-09-19 18:07 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2014-06-15 07:36 - 2014-06-15 07:36 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-15 07:36 - 2014-06-15 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-15 07:36 - 2014-06-15 07:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-15 07:36 - 2012-09-19 18:15 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2014-06-15 07:35 - 2013-04-13 19:01 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-15 07:35 - 2013-04-13 19:01 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-15 07:34 - 2014-06-15 07:34 - 00918672 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeSetup.exe
2014-06-14 20:47 - 2014-06-13 18:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-14 20:36 - 2012-09-18 22:52 - 00001443 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-14 20:35 - 2014-06-14 20:35 - 00129227 _____ () C:\Users\Chris\Desktop\bookmarks_6_14_14.html
2014-06-14 18:09 - 2014-04-22 18:47 - 00000000 ____D () C:\Users\dub_cm_auto
2014-06-14 18:08 - 2012-09-19 23:17 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-06-14 18:04 - 2014-06-14 17:57 - 00000000 ____D () C:\Windows\erdnt
2014-06-14 17:57 - 2014-06-14 17:57 - 05206928 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe
2014-06-14 17:43 - 2014-06-14 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-06-14 17:42 - 2014-06-14 02:40 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-14 17:41 - 2014-06-14 02:28 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Settings Manager
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\ProgramData\systemk
2014-06-14 11:51 - 2014-06-14 11:51 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-14 11:51 - 2014-06-14 02:37 - 03834832 _____ (PC Tools) C:\Users\Chris\Downloads\sdsetup.exe
2014-06-14 11:50 - 2014-06-14 00:27 - 00004236 _____ () C:\Users\Chris\Desktop\Rkill.txt
2014-06-14 02:40 - 2014-06-14 02:40 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-14 02:39 - 2014-06-14 02:39 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Chris\Downloads\SpyHunter-Installer.exe
2014-06-14 02:36 - 2014-06-14 02:35 - 109859096 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\msert.exe
2014-06-14 02:28 - 2014-06-14 02:28 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-06-14 02:28 - 2013-01-03 22:42 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\GetRightToGo
2014-06-14 02:26 - 2014-06-14 02:26 - 00368264 _____ (RegNow.com) C:\Users\Chris\Downloads\Download_Anvi-Smart-Defender-2.2-regnow.exe
2014-06-14 02:25 - 2014-06-14 02:25 - 00000870 _____ () C:\Users\Chris\Desktop\Absolute Key Logger Removal Tool.lnk
2014-06-14 02:25 - 2014-06-14 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Key Logger Removal Tool
2014-06-14 02:23 - 2014-06-14 02:23 - 03249776 _____ (Security Stronghold ) C:\Users\Chris\Downloads\AbsoluteKeyLoggerRemovalTool.exe
2014-06-14 02:23 - 2014-06-14 02:23 - 00929416 _____ (CNET Download.com) C:\Users\Chris\Downloads\cbsidlm-cbsi188-Absolute_Keylogger_Removal_Tool-SEO-75447038.exe
2014-06-14 02:11 - 2014-06-14 00:13 - 00000000 ____D () C:\AdwCleaner
2014-06-14 02:05 - 2009-07-14 00:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 00:09 - 2014-06-14 00:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-14 00:08 - 2014-06-14 00:08 - 04161050 _____ () C:\Users\Chris\Downloads\tdsskiller (1).zip
2014-06-14 00:07 - 2014-06-14 00:07 - 04161050 _____ () C:\Users\Chris\Downloads\tdsskiller.zip
2014-06-13 23:39 - 2014-06-13 23:34 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-06-13 23:38 - 2014-06-13 23:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-13 23:34 - 2014-06-13 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-06-13 23:29 - 2012-09-19 18:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-13 23:28 - 2014-06-13 23:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-13 23:28 - 2014-06-13 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 23:28 - 2012-09-19 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-13 23:21 - 2014-06-13 23:21 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-13 23:12 - 2014-06-13 23:12 - 00002935 _____ () C:\Users\Chris\Desktop\HiJackThis.lnk
2014-06-13 23:12 - 2014-06-13 23:12 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-06-13 20:10 - 2014-06-13 20:10 - 00000000 ____D () C:\Users\Chris\Documents\ProcAlyzer Dumps
2014-06-13 19:22 - 2013-05-11 03:19 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\BitTorrent
2014-06-13 19:22 - 2012-09-19 01:46 - 00000000 ____D () C:\Windows\Panther
2014-06-13 19:20 - 2014-06-13 19:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-13 19:19 - 2014-06-13 19:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-13 18:46 - 2013-07-15 23:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-13 01:04 - 2014-06-13 01:04 - 00003128 _____ () C:\Windows\System32\Tasks\{2AF50B2B-230C-4AF0-BAA7-076B46ED8770}
2014-06-13 00:52 - 2014-06-13 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 23:59 - 2014-06-12 23:48 - 00000000 ____D () C:\Users\Chris\AppData\Local\NPE
2014-06-12 23:58 - 2012-10-29 19:57 - 00000000 ____D () C:\Users\Administrator
2014-06-12 23:52 - 2014-06-12 23:50 - 00000000 ____D () C:\NPE
2014-06-12 23:48 - 2013-07-13 15:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:47 - 2012-09-23 17:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 23:47 - 2012-09-20 01:40 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 23:46 - 2012-09-19 20:14 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-06-12 23:40 - 2012-09-18 22:52 - 00000000 ____D () C:\Users\Chris
2014-06-12 23:39 - 2014-06-11 18:17 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-06-12 23:39 - 2012-09-19 18:05 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Ventrilo
2014-06-12 23:39 - 2012-09-18 23:03 - 00000000 ____D () C:\ProgramData\FNET
2014-06-12 23:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-06-12 23:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-12 23:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-11 18:26 - 2014-06-11 18:26 - 00000000 ____D () C:\SUPERDelete
2014-06-11 18:20 - 2014-06-11 18:17 - 00000000 ____D () C:\Users\Chris\AppData\Local\GitHub
2014-06-11 18:17 - 2014-06-11 18:17 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\GitHub
2014-06-11 18:17 - 2014-06-11 18:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2014-06-11 18:16 - 2014-06-11 18:16 - 00000000 ____D () C:\Users\Chris\AppData\Local\Apps\2.0
2014-06-10 01:25 - 2014-06-10 01:25 - 00003050 _____ () C:\Windows\System32\Tasks\{7237312F-3D25-4FF0-8563-A22A724FBE1B}
2014-06-10 00:47 - 2014-06-10 00:47 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2014-06-09 10:58 - 2013-05-19 20:29 - 00000000 ____D () C:\Users\Chris\Documents\Scan
2014-06-09 10:47 - 2013-05-09 18:41 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-06-07 14:04 - 2013-07-15 23:56 - 00000000 ____D () C:\Users\Chris\AppData\Local\Mozilla
2014-06-05 23:03 - 2012-09-20 23:07 - 00000000 ____D () C:\Users\Chris\Documents\my games
2014-06-05 23:01 - 2014-06-05 23:01 - 00000000 ____D () C:\ProgramData\Stardock
2014-06-05 23:01 - 2014-06-05 23:01 - 00000000 ____D () C:\ProgramData\Ironclad Games
2014-06-05 11:39 - 2014-06-14 00:08 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\TDSSKiller.exe
2014-06-02 00:15 - 2012-09-19 18:27 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype
2014-05-31 01:07 - 2014-05-31 01:07 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-31 01:07 - 2014-05-31 01:07 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-29 07:32 - 2014-05-29 07:32 - 00080384 _____ (Razer Inc) C:\Windows\system32\RazerCoinstaller.dll
2014-05-28 21:03 - 2014-06-14 02:28 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-05-28 21:03 - 2014-05-28 21:03 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-05-27 18:53 - 2014-06-12 23:45 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 12258816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 09079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 02457600 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 01496576 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-27 18:52 - 2014-06-12 23:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-27 18:50 - 2014-06-12 23:45 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-27 18:50 - 2014-06-12 23:45 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-27 18:50 - 2014-06-12 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-27 18:50 - 2014-06-12 23:45 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-27 18:49 - 2014-06-12 23:45 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 10992128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 01234432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-27 18:48 - 2014-06-12 23:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-27 18:46 - 2014-06-12 23:45 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-27 18:46 - 2014-06-12 23:45 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-27 18:46 - 2014-06-12 23:45 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-27 18:46 - 2014-06-12 23:45 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-27 16:04 - 2014-06-12 23:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-27 15:40 - 2014-06-12 23:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-26 16:18 - 2014-05-26 16:18 - 00000076 _____ () C:\Users\Chris\Documents\Kenshi Key.txt
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 12:22
 
==================== End Of Log ============================
 
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014
Ran by Chris at 2014-06-19 22:45:04
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
Absolute Key Logger Removal Tool (HKLM-x32\...\Absolute Key Logger Removal Tool_is1) (Version: build_1.0.0.155_rev_3434_date_12:01:28 10-04-14 - Security Stronghold)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte / related Design)
Ant.com IE add-on (HKLM-x32\...\{B905CAA1-D6FF-4D21-8858-F8C610491C0B}) (Version: 2.2.4.1076 - Ant.com)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
ASRock eXtreme Tuner v0.1.210 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Assassin's Creed® III v1.02 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.02 - Ubisoft)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CCVI Driver x64 (x32 Version: 0.1.0000 - Asetek Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Deadpool (HKLM-x32\...\Steam App 224060) (Version:  - High Moon Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVGA OC Scanner X 3.4.0 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version:  - EVGA)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
Evil Genius (HKLM-x32\...\Steam App 3720) (Version:  - Elixir Studios)
Fallout (HKLM-x32\...\GOGPACKFALLOUT_is1) (Version: 2.0.0.14 - GOG.com)
Fallout 2 (HKLM-x32\...\GOGPACKFALLOUT2_is1) (Version: 2.0.0.12 - GOG.com)
Fallout Tactics (HKLM-x32\...\GOGPACKFALLOUTTACTICS_is1) (Version: 2.0.0.8 - GOG.com)
Fan Control Software (HKLM-x32\...\{BDB786AF-6DFE-427F-9BAC-7291CA9F5A1B}) (Version: 1.0.0001 - Thermaltake)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Godus (HKLM-x32\...\Steam App 232810) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Kenshi (HKLM-x32\...\Steam App 233860) (Version:  - Lo-Fi Games)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Rockstar)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.31 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1047 - Marvell)
MechWarrior Online (HKCU\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.2.0.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - Microsoft Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
My Game Long Name (HKLM\...\UDK-396c04d3-3c1c-43fa-8dbf-9e054364eda5) (Version:  - Epic Games, Inc.)
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
Neverwinter Nights 2 Complete (HKLM-x32\...\GOGPACKNWN2COMPLETE_is1) (Version: 2.1.0.6 - GOG.com)
Norton 360 (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.50 - NVIDIA Corporation)
NVIDIA Control Panel 337.50 (Version: 337.50 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22397 - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 5.0.0 - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PlanetSide 2 Beta (HKCU\...\SOE-PlanetSide 2 Beta) (Version:  - Sony Online Entertainment)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version:  - Airtight Games)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.5.18 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RivaTuner Statistics Server 5.2.0 (HKLM-x32\...\RTSS) (Version: 5.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saitek NT Controller Drivers (HKLM-x32\...\{3A9E0E2F-B0D1-452B-B833-7A7300EA1231}) (Version:  - )
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.06 (10/16/2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.12 (9/5/2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.70.02(9/21/2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.34 (9/4/2012) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.05 (7/10/2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.03 - Samsung Electronics Co., Ltd.) Hidden
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Civilization V) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version:  - )
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 5.10 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 5.10.116 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite (HKLM-x32\...\Steam App 3700) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Space Colony HD (HKLM-x32\...\GOGPACKSPACECOLONYHD_is1) (Version: 2.0.0.5 - GOG.com)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Space Run (HKLM-x32\...\Steam App 275670) (Version:  - Passtech Games)
Spacebase DF-9 (HKLM-x32\...\Steam App 246090) (Version:  - Double Fine Productions)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version:  - Raven Software)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Star Wars Starfighter (HKLM-x32\...\Steam App 32350) (Version:  - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version:  - Petroglyph)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version:  - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCitizen (HKLM-x32\...\StarCitizen) (Version: 1.0 - Cloud Imperium Games)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamTool 1.1 (HKLM-x32\...\{B442D7D6-5153-4DBC-954D-BFFAACACDFDC}_is1) (Version: 1.1 - Stefan Jones)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1016 - SUPERAntiSpyware.com)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Take On Mars (HKLM-x32\...\Steam App 244030) (Version:  - Bohemia Interactive)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Uncharted Waters Online (HKLM-x32\...\Steam App 224320) (Version:  - TECMO KOEI GAMES)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
X-COM: UFO Defense (HKLM-x32\...\Steam App 7760) (Version:  - MicroProse Software, Inc)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.30 - ASRock Inc.)
X-Mouse Button Control 2.5 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.5 - Highresolution Enterprises)
 
==================== Restore Points  =========================
 
13-06-2014 04:57:34 Norton_Power_Eraser_20140612235734270
14-06-2014 04:12:16 Installed HiJackThis
14-06-2014 07:28:30 Device Driver Package Install: Anvisoft Network Service
14-06-2014 07:40:24 Installed SpyHunter
14-06-2014 22:42:25 Removed SpyHunter
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2014-06-14 20:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {16A35E89-E199-414C-BB94-34A43EB04807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {3045988C-7F0E-48E4-AD2A-62C14131C7A0} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {41E3E5E7-B1D4-4EF7-BD3D-A0B6474F7A19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2113789371-665779158-1179155372-1000Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {55C38ADD-1AA4-48A9-852B-FA59B1F10980} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {696D4929-C8E7-4F96-98C3-819A49AE4F2E} - System32\Tasks\EVGAPrecision => F:\EVGA Precision X\EVGAPrecision.exe [2013-07-17] ()
Task: {7827EBC6-64FA-4207-88E1-FD11AC93256C} - System32\Tasks\AsrXTU => C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe [2012-04-17] ()
Task: {82B98D57-2D97-490F-A751-EEE01F261E26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15] (Google Inc.)
Task: {92E51D3E-875B-4338-AD36-52493E1E650A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {B73C8D13-F4A7-4F33-84B6-E5BCC8B400E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {B84027AA-A917-4056-8AB7-9126B1B4347F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2113789371-665779158-1179155372-1000UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BBB4FD45-4979-44C2-824A-C17237E10A8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-21 01:11 - 2014-03-26 21:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-09 18:38 - 2012-01-09 06:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2013-05-09 18:39 - 2012-01-09 08:58 - 00034304 _____ () C:\Windows\System32\sst7ylm.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetDetect.dll
2013-01-04 02:12 - 2014-01-29 00:46 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-17 19:28 - 2013-07-17 19:28 - 00627016 _____ () F:\EVGA Precision X\EVGAPrecision.exe
2012-09-18 23:03 - 2012-04-17 19:52 - 08463656 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
2013-05-09 18:38 - 2014-04-11 10:34 - 01252864 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll
2013-05-09 18:38 - 2012-09-19 06:35 - 01581568 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\smx330pu.dll
2013-05-09 18:39 - 2012-09-20 04:56 - 01212928 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst7ydu.dll
2012-09-18 23:04 - 2011-05-19 09:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-05-15 11:49 - 2013-05-15 11:49 - 00071680 _____ () F:\EVGA Precision X\RTMUI.dll
2013-05-15 11:48 - 2013-05-15 11:48 - 00056832 _____ () F:\EVGA Precision X\RTFC.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00216064 _____ () F:\EVGA Precision X\RTCore.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00127488 _____ () F:\EVGA Precision X\RTUI.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00587776 _____ () F:\EVGA Precision X\RTHAL.dll
2012-09-18 23:03 - 2012-02-24 10:53 - 00094208 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.DLL
2014-05-21 17:45 - 2014-04-29 19:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-22 18:36 - 2014-04-29 19:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 17:45 - 2014-04-29 19:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 18:56 - 2014-04-29 19:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 17:10 - 2014-05-16 20:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 17:45 - 2014-05-29 12:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 17:45 - 2014-04-28 19:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-09-19 18:28 - 2014-05-29 12:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-19 18:28 - 2014-05-01 18:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-09-19 18:28 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-09-19 18:28 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-09-19 18:28 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2009-04-09 18:04 - 2009-04-09 18:04 - 02141008 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 07704400 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
2009-04-22 16:53 - 2009-04-22 16:53 - 00969040 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00475472 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00363856 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00200016 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
2011-01-12 20:55 - 2011-01-12 20:55 - 00027472 _____ () C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 11311952 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
2009-03-03 17:17 - 2009-03-03 17:17 - 00291664 _____ () C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll
2011-01-12 20:57 - 2011-01-12 20:57 - 00751616 _____ () C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00029008 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00035152 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
2009-03-03 17:18 - 2009-03-03 17:18 - 00138064 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
2012-01-18 01:43 - 2012-01-18 01:43 - 00183320 _____ () C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-07-23 15:10 - 2012-07-23 15:10 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-06-15 07:36 - 2014-06-05 08:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-15 07:36 - 2014-06-05 08:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-15 07:36 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-15 07:36 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-15 07:36 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/19/2014 10:43:16 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2
 
Error: (06/19/2014 00:56:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program KSP.exe version 4.3.3.30826 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1914
 
Start Time: 01cf8b766f6c948d
 
Termination Time: 316
 
Application Path: F:\Steam Games\steamapps\common\Kerbal Space Program\KSP.exe
 
Report Id:
 
Error: (06/18/2014 10:21:50 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2
 
Error: (06/18/2014 00:49:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program KSP.exe version 4.3.3.30826 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 240c
 
Start Time: 01cf8aa7329a4b72
 
Termination Time: 392
 
Application Path: F:\Steam Games\steamapps\common\Kerbal Space Program\KSP.exe
 
Report Id:
 
Error: (06/17/2014 06:06:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/17/2014 06:06:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (06/17/2014 04:58:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program KSP.exe version 4.3.3.30826 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 6bc
 
Start Time: 01cf8a76528f9d1f
 
Termination Time: 81
 
Application Path: F:\Steam Games\steamapps\common\Kerbal Space Program\KSP.exe
 
Report Id:
 
Error: (06/17/2014 04:23:32 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2
 
Error: (06/16/2014 10:33:55 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2
 
Error: (06/15/2014 03:43:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2
 
 
System errors:
=============
Error: (06/19/2014 10:43:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/19/2014 10:43:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Greener Web service failed to start due to the following error: 
%%2
 
Error: (06/19/2014 10:41:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/19/2014 10:41:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-14 20:55:57.539
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 20:55:57.508
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 20:55:57.461
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 20:55:57.430
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 18:03:45.843
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 18:03:45.796
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 16%
Total physical RAM: 16345.8 MB
Available physical RAM: 13655.87 MB
Total Pagefile: 32689.77 MB
Available Pagefile: 29202.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.23 GB) (Free:10.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Games) (Fixed) (Total:37.26 GB) (Free:7.65 GB) NTFS
Drive f: (Programs) (Fixed) (Total:931.51 GB) (Free:458.14 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 6A45A926)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: A70245CF)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 0C380C37)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

Attached Files



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 20 June 2014 - 09:08 AM

Greetings,

Nothing of significance in terms of malware. At the risk of sounding like I am lecturing (which I am not) please allow me to caution you regarding several things. I see you have run many programs already prior to posting here. Some of those programs can be harmful (Combofix, registry manipulation programs or components if used, like CCleaner) if not handled properly so be cautious in applying them. In addition, a couple more items to make you aware of and then let's do a little clean up.

Please do these things.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have Bit Torrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Bit Torrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
S2 Update Greener Web; "C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" [X]
C:\Program Files (x86)\Greener Web
2014-06-14 02:40 - 2014-06-14 17:42 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Junkware log
  • AdwCleaner log
  • Security Check log
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 20 June 2014 - 11:31 PM

  • Junkware log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Chris on Fri 06/20/2014 at 23:09:30.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\m-lyrics
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36CB5085-DB2F-4E41-97A3-5B4C6FFDC3E9}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Chris\AppData\Roaming\getrighttogo"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\8pngxx4r.default\user.js
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/20/2014 at 23:13:47.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
  • AdwCleaner log :

# AdwCleaner v3.212 - Report created 20/06/2014 at 23:18:53
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Chris - ERZAN
# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\systemk
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Users\Chris\AppData\Roaming\Settings Manager
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\SystemK
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.18472
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\8pngxx4r.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=492&aid=205&itype=n&ver=12565&tm=378&src=ds&p={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1996 octets] - [14/06/2014 00:13:42]
AdwCleaner[R1].txt - [991 octets] - [14/06/2014 02:07:47]
AdwCleaner[R2].txt - [1050 octets] - [14/06/2014 02:11:35]
AdwCleaner[R3].txt - [2112 octets] - [20/06/2014 23:18:06]
AdwCleaner[S0].txt - [2313 octets] - [14/06/2014 02:04:29]
AdwCleaner[S1].txt - [1938 octets] - [20/06/2014 23:18:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1998 octets] ##########
 
  • Security Check log :


  •  Results of screen317's Security Check version 0.99.85  
     Windows 7 Service Pack 1 x64 (UAC is enabled)  
    ``````````````Antivirus/Firewall Check:`````````````` 
     Windows Firewall Enabled!  
     Windows Firewall Disabled!  
    Norton 360 Premier Edition   
     WMI entry may not exist for antivirus; attempting automatic update. 
    `````````Anti-malware/Other Utilities Check:````````` 
     Java 7 Update 55  
     Java version out of Date! 
      Adobe Flash Player 13.0.0.214 Flash Player out of Date!  
     Adobe Reader 10.1.10 Adobe Reader out of Date!  
     Mozilla Firefox 29.0.1 Firefox out of Date!  
     Google Chrome 35.0.1916.153  
    ````````Process Check: objlist.exe by Laurent````````  
    `````````````````System Health check````````````````` 
     Total Fragmentation on Drive C: 28% Defragment your hard drive soon! (Do NOT defrag if SSD!)
    ````````````````````End of Log`````````````````````` 
     

  • Fixlog :

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01
Ran by Chris at 2014-06-20 23:26:07 Run:1
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
S2 Update Greener Web; "C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" [X]
C:\Program Files (x86)\Greener Web
2014-06-14 02:40 - 2014-06-14 17:42 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
*****************
 
Update Greener Web => Service deleted successfully.
"C:\Program Files (x86)\Greener Web" => File/Directory not found.
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully.
 
==== End of Fixlog ====
 
Gary,
 
Things seems to be running fine I'm not getting any input lag anymore and had no problem installing the programs you suggested.  So maybe it's fixed I'm not sure though.


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 21 June 2014 - 07:44 AM

Great to hear. I see you have run Malwarebytes and ESET already so let's scan your computer with another good scanner. Following that we have a number of updates to perform to secure your computer.

Please do this.

===================================================

Sophos Free Virus Removal Tool

--------------------
  • Download Sophos Free Virus Removal Tool and save it to your desktop
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Sophos log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 21 June 2014 - 08:51 PM

Gary,

 

I ran Sophos and no threats were found and Sophos is not giving me a log to post.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 21 June 2014 - 09:01 PM

Good, now let's do this.

===================================================

Update Java

-------------------

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to update Java and remove any existing older versions:
  • Click here to evaluate your current version of Java
  • Click Free Java Download
  • Click the Agree and Start Free Download
  • Save jxpiinstall.exe to your desktop
  • Double click the icon then click Run
  • Click Install
  • Uncheck any Ask Toolbar offers
  • Click Next
  • You should be notified You have successfully installed Java
Go to StartBtn.gif > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • In addition, check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
===================================================

Update Adobe Reader

--------------------

Your Adobe Reader is out of date and a security concern. Here is some excellent information and a video which explains the importance of minimizing the risk of infection through compromised PDF files.

Adobe Reader Update
  • Please download Adobe Reader
  • After installing the latest Adobe Reader, uninstall all previous versions through Add/Remove Programs.
  • If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition
===================================================

Update Adobe Flash Player

--------------------

Please update your Adobe Flash Player to the latest version
  • Download Adobe Flash Player here and save it to your desktop. Uncheck "Yes, install McAfee Security Scan Plus - optional"
  • Close any open browsers
  • Double click on the adobeflashplayer.jpg icon to launch the installation
  • If you are presented with a warning popup select "Run"
  • Once the installation is complete click "Finish"
===================================================

Firefox Update

--------------------

I recommend you consider updating Firefox to the newest version. If you desire to do so please click this link to begin the process.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did the programs update correctly?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 21 June 2014 - 11:23 PM

Gary,

 

Everything installed and updated correctly.  So far it seems like it's all good what next?



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 22 June 2014 - 09:56 AM

Greetings,
 

So far it seems like it's all good what next?


:)

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:I will leave this topic open for just a day or so in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 dahue

dahue
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 22 June 2014 - 04:51 PM

Gary,

 

Thank you so much for all the help on this.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 22 June 2014 - 04:53 PM

It has been my pleasure. I think we are off and running but I always like to keep the topic open for a day or so just in case.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:59 AM

Posted 24 June 2014 - 08:28 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users