Zwart beeld soms bij youtube

[anoniem]

Bij sommige filmpjes op youtube krijg ik zwart beeld, en soms speelt die een video wel af en daarna als ik hem nog eens wil kijken iets later, blijft die weer op zwart beeld. even voor de duidelijkheid sommige filmpjes kan ik dus niet afspelen en sommige wel, en bij sommige gebeurt zoals ik boven heb beschreven

[anoniem]

Graag de drie logs in één keer posten. [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]Stap •1•[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Welk programma[/b:9cfb5ab3c0]: [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]AdwCleaner[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Waarvoor/waarom[/b:9cfb5ab3c0]: Scanner om Windows op te schonen en te ontdoen van malafide toolbars. [b:9cfb5ab3c0]Moeilijkheidsgraad[/b:9cfb5ab3c0]: Geen. [b:9cfb5ab3c0]Downloadlokatie[/b:9cfb5ab3c0]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:9cfb5ab3c0]Download[/b:9cfb5ab3c0]: [url=http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner][color=#FF0000:9cfb5ab3c0][b:9cfb5ab3c0]AdwCleaner by Xplode[/b:9cfb5ab3c0][/color:9cfb5ab3c0][/url]. [b:9cfb5ab3c0]Opmerkingen[/b:9cfb5ab3c0]: [list:9cfb5ab3c0]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:9cfb5ab3c0]Dat na opstarten van [b:9cfb5ab3c0]AdwCleaner[/b:9cfb5ab3c0] de snelkoppelingen verdwijnen van bureaublad, is normaal.[/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]AdwCleaner opstarten[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0][b:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0]Windows 2000[/color:9cfb5ab3c0][/b:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows XP[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: dubbelklik op adwcleaner.exe. [*:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows Vista[/b:9cfb5ab3c0][/color:9cfb5ab3c0], [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 7[/b:9cfb5ab3c0][/color:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 8[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".[/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]AdwCleaner is opgestart[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0]Klik op de knop [b:9cfb5ab3c0]Verwijderen[/b:9cfb5ab3c0] [*:9cfb5ab3c0]Klik bij [b:9cfb5ab3c0]AdwCleaner – Afsluiting van de programma's[/b:9cfb5ab3c0] op [b:9cfb5ab3c0]OK[/b:9cfb5ab3c0] [*:9cfb5ab3c0]Klik bij [b:9cfb5ab3c0]AdwCleaner – Herstarten noodzakelijk[/b:9cfb5ab3c0] op [b:9cfb5ab3c0]OK[/b:9cfb5ab3c0][/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]AdwCleaner logbestand[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0]Nadat de PC opnieuw is opgestart, opent een logfile. [*:9cfb5ab3c0]Post vervolgens de inhoud van dit log in je volgende bericht.[/list:u:9cfb5ab3c0] [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]Stap •2•[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Welk programma[/b:9cfb5ab3c0]: [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]Junkware Removal Tool by Thisisu[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Waarvoor/waarom[/b:9cfb5ab3c0]: Scanner om Windows o.a. te ontdoen van malafide toolbars. [b:9cfb5ab3c0]Moeilijkheidsgraad[/b:9cfb5ab3c0]: Geen. [b:9cfb5ab3c0]Downloadlokatie[/b:9cfb5ab3c0]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:9cfb5ab3c0]Download[/b:9cfb5ab3c0]: [url=http://thisisudax.org/downloads/JRT.exe][color=#FF0000:9cfb5ab3c0][b:9cfb5ab3c0]JRT.exe[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [/url]. [b:9cfb5ab3c0]Opmerkingen[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:9cfb5ab3c0]Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.: [*:9cfb5ab3c0][url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0]Hier[/color:9cfb5ab3c0][/b:9cfb5ab3c0][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0]hier[/color:9cfb5ab3c0][/b:9cfb5ab3c0][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [*:9cfb5ab3c0]Dat tijdens de scan van [b:9cfb5ab3c0]JRT.exe[/b:9cfb5ab3c0] tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.[/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]Junkware Removal Tool by Thisisu opstarten[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0][b:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0]Windows 2000[/color:9cfb5ab3c0][/b:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows XP[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: dubbelklik op [b:9cfb5ab3c0]JRT.exe[/b:9cfb5ab3c0]. [*:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows Vista[/b:9cfb5ab3c0][/color:9cfb5ab3c0], [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 7[/b:9cfb5ab3c0][/color:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 8[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: via rechtsklik op [b:9cfb5ab3c0]JRT.exe[/b:9cfb5ab3c0] en kies voor "Als Administrator uitvoeren". [*:9cfb5ab3c0][b:9cfb5ab3c0]JRT.exe[/b:9cfb5ab3c0] zal daarna Windows gaan scannen. [*:9cfb5ab3c0]Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig. [*:9cfb5ab3c0]Indien de scan voltooid is, zal een logje ([b:9cfb5ab3c0]JRT.txt[/b:9cfb5ab3c0]) op het bureaublad opgeslagen worden en automatisch openen. [*:9cfb5ab3c0]Post de inhoud van dit log in je volgende bericht.[/list:u:9cfb5ab3c0] [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]Stap •3•[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Welk programma[/b:9cfb5ab3c0]: [color=#008000:9cfb5ab3c0][b:9cfb5ab3c0]RogueKiller[/b:9cfb5ab3c0][/color:9cfb5ab3c0] [b:9cfb5ab3c0]Waarvoor/waarom[/b:9cfb5ab3c0]: gratis specialistische scanner om lopende processen te scannen en om malware processen te kunnen uitschakelen. [b:9cfb5ab3c0]Moeilijkheidsgraad[/b:9cfb5ab3c0]: geen. [b:9cfb5ab3c0]Download: [url=http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe][color=#FF0000:9cfb5ab3c0]RogueKiller[/b:9cfb5ab3c0][/color:9cfb5ab3c0][/url] [b:9cfb5ab3c0]RogueKiller opstarten[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0]Sluit nu eerst alle nog openstaande programmavensters! [*:9cfb5ab3c0][b:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0]Windows 2000[/color:9cfb5ab3c0][/b:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows XP[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: dubbelklik op RogueKiller.exe. [*:9cfb5ab3c0][color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows Vista[/b:9cfb5ab3c0][/color:9cfb5ab3c0], [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 7[/b:9cfb5ab3c0][/color:9cfb5ab3c0] en [color=#0000FF:9cfb5ab3c0][b:9cfb5ab3c0]Windows 8[/b:9cfb5ab3c0][/color:9cfb5ab3c0]: rechtsklik op RogueKiller.exe en dan kiezen voor Als Administrator uitvoeren.[/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]Scannen[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0][b:9cfb5ab3c0]Sluit voordat RogueKiller gaat scannen, eerst alle andere openstaande vensters![/b:9cfb5ab3c0] [*:9cfb5ab3c0]Na opstarten begint RogueKiller meteen een pre-scan, dus wacht tot de scan klaar is. [*:9cfb5ab3c0]Klik vervolgens op de knop [b:9cfb5ab3c0]Scan[/b:9cfb5ab3c0] [*:9cfb5ab3c0]Wacht tot het einde van de scan. [*:9cfb5ab3c0]Een log wordt aangemaakt en geplaatst op het bureaublad.[/list:u:9cfb5ab3c0] [b:9cfb5ab3c0]Hoe nu verder[/b:9cfb5ab3c0]: [list:9cfb5ab3c0][*:9cfb5ab3c0][b:9cfb5ab3c0][color=#008000:9cfb5ab3c0]Doe verder nog niks maar plaats eerst de inhoud van dat log in jouw volgende bericht. [*:9cfb5ab3c0]En klik RK op uit.[/color:9cfb5ab3c0][/b:9cfb5ab3c0][/list:u:9cfb5ab3c0]

[anoniem]

# AdwCleaner v2.301 - Logfile created 05/27/2013 at 18:45:14 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Leroy - LEROY-PC # Boot Mode : Normal # Running from : C:\Users\Leroy\Downloads\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\Users\Leroy\AppData\Local\Bundled software uninstaller Folder Deleted : C:\Users\Leroy\AppData\Roaming\Babylon ***** [Registry] ***** Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\BI Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\596d7dfe635ec43 Key Deleted : HKCU\Software\93f19dda2412c86ad7520ba4198f39a0 Key Deleted : HKCU\Software\94a40d183a1e5b33be1cb7d99b0c9e16 Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} ***** [Internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=2096001D922145D7 --> hxxp://www.google.com -\\ Mozilla Firefox v21.0 (nl) File : C:\Users\Leroy\AppData\Roaming\Mozilla\Firefox\Profiles\rox8ilwp.default\prefs.js Deleted : user_pref("browser.search.selectedEngine", "Delta Search"); -\\ Google Chrome v27.0.1453.94 File : C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean.

[anoniem]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Ultimate x64 Ran by Leroy on Mon 05/27/2013 at 18:50:49.97 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Leroy\AppData\Roaming\mozilla\firefox\profiles\rox8ilwp.default\minidumps [40 files] ~~~ Event Viewer Logs were cleared

[anoniem]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Gestart vanuit : Normale modus Gebruiker : Leroy [Administrator rechten] Modus : Scan -- Datum : 05/27/2013 18:58:46 | ARK || FAK || MBR | ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 4 ¤¤¤ [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden ¤¤¤ Speciale Files / Folders: ¤¤¤ ¤¤¤ Driver : [Niet geladen] ¤¤¤ ¤¤¤ HOSTS Bestand: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Controle: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200AAJS-00YFA0 ATA Device +++++ --- User --- [MBR] c3d25689c3fdd144d0065be03d55dae4 [BSP] da50f223a938d9d1fd197a9adf3111ab : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 305243 Mo User = LL1 ... OK! User = LL2 ... OK! Gereed : << RKreport[3]_S_05272013_02d1858.txt >> RKreport[1]_S_05272013_02d1852.txt ; RKreport[2]_S_05272013_02d1858.txt ; RKreport[3]_S_05272013_02d1858.txt

[anoniem]

En gaat het al beter?

[anoniem]

ik kan nog steeds sommige filmpjes niet kijken en blijft op zwart zoals bijvoorbeeld http://www.youtube.com/watch?v=MU8B4XDI3Uw

[anoniem]

hen je wel de laatste versie van de flash player? http://get.adobe.com/nl/flashplayer/

[anoniem]

ja !

[anoniem]

ja !

[anoniem]

Heb je dat zwarte beeld met beide browsers (IE & Chrome)?

[anoniem]

ja zelf bij alle 3 heb firefox

[anoniem]

Welke versie is dat? En heb je daar de Adobe Flashplayer-plugin geïnstalleerd? En betreffende Chroom, heb je die zo gelaten of daar ook de Adobe Flashplayer-plugin in geïnstalleerd?

[anoniem]

die nieuwste versie heb het voor de zekerheid gister nog een keer geinstralleerd, maar werkte niet, bij chroom heb ik inderdaad die plugin.

[anoniem]

Dan dien je in Chrome "Pepperflash" uit te schakelen.

[anoniem]

ik heb me vergist heb hem daar niet als plugin

[anoniem]

Laten we jouw Windows uitgebreid gaan bekijken: [b:bec0bea1d7]Welk programma[/b:bec0bea1d7]: [color=#008000:bec0bea1d7][b:bec0bea1d7]OTL.exe[/b:bec0bea1d7][/color:bec0bea1d7] [b:bec0bea1d7]Waarvoor/waarom[/b:bec0bea1d7]: multifunktioneel tool - analyse en fix [b:bec0bea1d7]Moeilijkheidsgraad[/b:bec0bea1d7]: geen. [b:bec0bea1d7]Download[/b:bec0bea1d7]: [url=http://oldtimer.geekstogo.com/OTL.exe][b:bec0bea1d7][color=red:bec0bea1d7]OTL.exe[/color:bec0bea1d7][/b:bec0bea1d7][/url] en plaats het bestand op het bureaublad. [b:bec0bea1d7]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:bec0bea1d7] [b:bec0bea1d7]OTL.exe gebruiken[/b:bec0bea1d7]: [list:bec0bea1d7][list:bec0bea1d7][*:bec0bea1d7][b:bec0bea1d7][color=#0000FF:bec0bea1d7]Windows 2000[/color:bec0bea1d7][/b:bec0bea1d7] en [color=#0000FF:bec0bea1d7][b:bec0bea1d7]Windows XP[/b:bec0bea1d7][/color:bec0bea1d7]: dubbelklik op [color=#008000:bec0bea1d7][b:bec0bea1d7]OTL.exe[/b:bec0bea1d7][/color:bec0bea1d7]. [*:bec0bea1d7][color=#0000FF:bec0bea1d7][b:bec0bea1d7]Windows Vista[/b:bec0bea1d7][/color:bec0bea1d7], [color=#0000FF:bec0bea1d7][b:bec0bea1d7]Windows 7[/b:bec0bea1d7][/color:bec0bea1d7] en [color=#0000FF:bec0bea1d7][b:bec0bea1d7]Windows 8[/b:bec0bea1d7][/color:bec0bea1d7]: via rechtsklik op [color=#008000:bec0bea1d7][b:bec0bea1d7]OTL.exe[/b:bec0bea1d7][/color:bec0bea1d7] en kies voor "Als Administrator uitvoeren".[/list:u:bec0bea1d7][/list:u:bec0bea1d7] [list:bec0bea1d7][*:bec0bea1d7]Zet een vinkje bij [b:bec0bea1d7]Scan All Users[/b:bec0bea1d7], [b:bec0bea1d7]LOP Check[/b:bec0bea1d7] en bij [b:bec0bea1d7]PURITY Check[/b:bec0bea1d7]. [*:bec0bea1d7]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder [img:bec0bea1d7]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:bec0bea1d7] [code:1:bec0bea1d7] services.* explorer.exe winlogon.exe Userinit.exe svchost.exe netsvcs BASESERVICES DRIVES msconfig %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %PROGRAMFILES%\* [/code:1:bec0bea1d7] [*:bec0bea1d7]Klik vervolgens op de knop [img:bec0bea1d7]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:bec0bea1d7]. [*:bec0bea1d7]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:bec0bea1d7]De scan zal niet heel erg lang duren. [list:bec0bea1d7][*:bec0bea1d7]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:bec0bea1d7]OTL.Txt[/b:bec0bea1d7] en [b:bec0bea1d7]Extras.txt[/b:bec0bea1d7]. [*:bec0bea1d7]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:bec0bea1d7][/list:u:bec0bea1d7] [color=#008000:bec0bea1d7][b:bec0bea1d7]Notabene:[/b:bec0bea1d7][/color:bec0bea1d7] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.

[anoniem]

OTL logfile created on: 5/30/2013 1:40:39 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Leroy\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.51% Memory free 4.00 Gb Paging File | 2.43 Gb Available in Paging File | 60.89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298.09 Gb Total Space | 121.01 Gb Free Space | 40.59% Space Free | Partition Type: NTFS Drive E: | 6.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 376.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: LEROY-PC | User Name: Leroy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:6ace35c276]========== Processes (SafeList) ==========[/color:6ace35c276] PRC - [2013/05/30 13:39:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Leroy\Downloads\OTL.exe PRC - [2013/05/26 15:24:05 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2013/05/12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/03/28 11:32:38 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2013/03/14 23:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013/03/06 14:15:38 | 000,580,672 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [color=#E56717:6ace35c276]========== Modules (No Company Name) ==========[/color:6ace35c276] MOD - [2013/05/26 15:24:05 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll MOD - [2013/05/12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll [color=#E56717:6ace35c276]========== Services (SafeList) ==========[/color:6ace35c276] SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013/05/26 15:24:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/05/17 09:20:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/05/04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013/03/14 23:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013/03/06 14:15:38 | 000,580,672 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe -- (Disc Soft Bus Service) SRV - [2013/02/28 20:09:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:6ace35c276]========== Driver Services (SafeList) ==========[/color:6ace35c276] DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/03/16 17:41:17 | 000,029,696 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtscsibus.sys -- (dtscsibus) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/02/22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/02/22 09:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/08/23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/09/23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2013/02/04 18:29:24 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:6ace35c276]========== Standard Registry (SafeList) ==========[/color:6ace35c276] [color=#E56717:6ace35c276]========== Internet Explorer ==========[/color:6ace35c276] IE:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..\SearchScopes,DefaultScope = IE:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_enNL527 IE - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:6ace35c276]========== FireFox ==========[/color:6ace35c276] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/16 19:12:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/17 09:20:16 | 000,000,000 | ---D | M] [2013/04/12 15:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leroy\AppData\Roaming\mozilla\Extensions [2013/04/12 15:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leroy\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2013/05/26 19:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leroy\AppData\Roaming\mozilla\Firefox\Profiles\rox8ilwp.default\extensions [2013/05/26 19:58:59 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Leroy\AppData\Roaming\mozilla\firefox\profiles\rox8ilwp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/05/17 09:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/05/28 08:55:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/05/17 09:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/05/28 08:55:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/05/26 15:28:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717:6ace35c276]========== Chrome ==========[/color:6ace35c276] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Adblock Plus = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Google Zoeken = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Instagram for Chrome = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\4.5.1_0\ CHR - Extension: Instagram for Chrome = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\4.5.2_0\ CHR - Extension: Gmail = C:\Users\Leroy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b:6ace35c276]64bit:[/b:6ace35c276] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:6ace35c276]64bit:[/b:6ace35c276] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b:6ace35c276]64bit:[/b:6ace35c276] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:[b:6ace35c276]64bit:[/b:6ace35c276] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O3:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b:6ace35c276]64bit:[/b:6ace35c276] - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-2743922135-3053947181-1030724633-1000..\Run: [DAEMON Tools Ultra Agent] C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b:6ace35c276]64bit:[/b:6ace35c276] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b:6ace35c276]64bit:[/b:6ace35c276] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AF4A85A-C065-4910-A861-9F095130D129}: DhcpNameServer = 192.168.2.254 O18:[b:6ace35c276]64bit:[/b:6ace35c276] - Protocol\Handler\ms-help - No CLSID value found O18:[b:6ace35c276]64bit:[/b:6ace35c276] - Protocol\Handler\skype4com - No CLSID value found O18:[b:6ace35c276]64bit:[/b:6ace35c276] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b:6ace35c276]64bit:[/b:6ace35c276] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:6ace35c276]64bit:[/b:6ace35c276] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/09/25 19:55:04 | 000,000,065 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{a8feb63a-905f-11e2-a704-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{a8feb63a-905f-11e2-a704-001d922145d7}\Shell\AutoRun\command - "" = E:\Installer.exe -- [2011/10/22 19:55:30 | 000,580,608 | R--- | M] (RELOADED) O33 - MountPoints2\{dc2a7a27-ab16-11e2-8804-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{dc2a7a27-ab16-11e2-8804-001d922145d7}\Shell\AutoRun\command - "" = L:\Autorun.exe O33 - MountPoints2\{e16aa805-aa3e-11e2-9e98-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{e16aa805-aa3e-11e2-9e98-001d922145d7}\Shell\AutoRun\command - "" = J:\Setup.exe O33 - MountPoints2\{e16aa812-aa3e-11e2-9e98-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{e16aa812-aa3e-11e2-9e98-001d922145d7}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Installer.exe -- [2011/10/22 19:55:30 | 000,580,608 | R--- | M] (RELOADED) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..comfile [open] -- "%1" %* O35:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:6ace35c276]64bit:[/b:6ace35c276] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b:6ace35c276]64bit:[/b:6ace35c276] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b:6ace35c276]93f19dda2412c86ad7520ba4198f39a0[/b:6ace35c276] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6ace35c276]94a40d183a1e5b33be1cb7d99b0c9e16[/b:6ace35c276] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6ace35c276]Adobe ARM[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b:6ace35c276]DAEMON Tools Ultra Agent[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd) MsConfig:64bit - StartUpReg: [b:6ace35c276]KiesPreload[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) MsConfig:64bit - StartUpReg: [b:6ace35c276]KiesTrayAgent[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: [b:6ace35c276]Sidebar[/b:6ace35c276] - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b:6ace35c276]Steam[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) MsConfig:64bit - StartUpReg: [b:6ace35c276]swg[/b:6ace35c276] - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) [color=#E56717:6ace35c276]========== Files/Folders - Created Within 30 Days ==========[/color:6ace35c276] [2013/05/27 18:51:20 | 000,000,000 | ---D | C] -- C:\Users\Leroy\Desktop\RK_Quarantine [2013/05/27 18:49:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/05/27 18:49:06 | 000,000,000 | ---D | C] -- C:\JRT [2013/05/27 18:44:20 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Leroy\Desktop\JRT.exe [2013/05/26 19:33:56 | 000,000,000 | ---D | C] -- C:\Users\Leroy\Documents\Reus [2013/05/26 19:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2013/05/26 19:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [2013/05/26 19:07:31 | 000,000,000 | ---D | C] -- C:\GOG Games [2013/05/25 20:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2013/05/20 13:54:32 | 000,000,000 | ---D | C] -- C:\Users\Leroy\Documents\FIFA 13 [2013/05/17 09:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/05/16 00:23:06 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/05/16 00:23:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/05/16 00:23:05 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/05/16 00:23:04 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/05/16 00:23:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/05/16 00:23:04 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/05/16 00:23:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/05/16 00:23:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/05/16 00:23:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/05/16 00:23:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/05/16 00:23:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/05/16 00:23:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/05/16 00:22:59 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/05/16 00:22:59 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/05/16 00:22:58 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/05/15 21:55:40 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013/05/15 21:55:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013/05/15 21:55:31 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013/05/15 21:55:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013/05/15 21:55:29 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013/05/15 21:55:29 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013/05/15 21:55:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013/05/06 22:48:56 | 000,000,000 | ---D | C] -- C:\Users\Leroy\AppData\Roaming\vlc [2013/05/06 22:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\Users\Leroy\AppData\Roaming\*.tmp files -> C:\Users\Leroy\AppData\Roaming\*.tmp -> ] [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717:6ace35c276]========== Files - Modified Within 30 Days ==========[/color:6ace35c276] [2013/05/30 13:18:48 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/30 13:18:48 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/30 13:13:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/05/30 12:54:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/05/30 09:20:04 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/05/30 09:19:02 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/05/30 09:18:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/30 08:44:52 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys [2013/05/30 00:20:21 | 001,645,156 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/05/30 00:20:21 | 000,740,722 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013/05/30 00:20:21 | 000,659,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/05/30 00:20:21 | 000,151,550 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013/05/30 00:20:21 | 000,120,828 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/05/30 00:20:12 | 001,645,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/05/27 18:44:28 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Leroy\Desktop\JRT.exe [2013/05/26 19:08:15 | 000,001,540 | ---- | M] () -- C:\Users\Public\Desktop\Reus.lnk [2013/05/26 15:28:26 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/05/26 15:24:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/05/26 15:24:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/05/26 13:02:47 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/05/23 21:33:28 | 000,002,362 | ---- | M] () -- C:\Users\Leroy\Desktop\Play FIFA 13 nosTEAM.lnk [2013/05/16 19:13:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/05/16 19:07:44 | 000,416,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/05/09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/05/09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/05/09 10:59:07 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013/05/09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013/05/09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013/05/09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\Users\Leroy\AppData\Roaming\*.tmp files -> C:\Users\Leroy\AppData\Roaming\*.tmp -> ] [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [color=#E56717:6ace35c276]========== Files Created - No Company Name ==========[/color:6ace35c276] [2013/05/26 19:13:09 | 001,645,156 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/05/26 19:08:15 | 000,001,540 | ---- | C] () -- C:\Users\Public\Desktop\Reus.lnk [2013/05/23 21:19:36 | 000,002,362 | ---- | C] () -- C:\Users\Leroy\Desktop\Play FIFA 13 nosTEAM.lnk [2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [color=#E56717:6ace35c276]========== ZeroAccess Check ==========[/color:6ace35c276] [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717:6ace35c276]========== LOP Check ==========[/color:6ace35c276] [2013/03/23 18:45:22 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Bioshock2 [2013/05/30 00:07:04 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\BitTorrent [2013/03/16 17:41:06 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\DAEMON Tools Ultra [2013/04/22 17:23:25 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Red Alert 3 [2013/04/12 15:19:37 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Samsung [2013/04/12 15:01:07 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Songbird2 [2013/03/29 22:01:37 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Theta [2013/04/21 16:50:23 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Ubisoft [2013/04/25 11:12:28 | 000,000,000 | ---D | M] -- C:\Users\Leroy\AppData\Roaming\Unity [color=#E56717:6ace35c276]========== Purity Check ==========[/color:6ace35c276] [color=#E56717:6ace35c276]========== Custom Scans ==========[/color:6ace35c276] [color=#A23BEC:6ace35c276]< services.* >[/color:6ace35c276] [2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009/07/14 07:08:49 | 000,032,132 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2013/03/16 15:19:03 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2013/03/16 15:19:04 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2013/03/18 17:19:35 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job [2013/04/23 21:57:09 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#A23BEC:6ace35c276]< explorer.exe >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< winlogon.exe >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< Userinit.exe >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< svchost.exe >[/color:6ace35c276] [color=#E56717:6ace35c276]========== Base Services ==========[/color:6ace35c276] SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2013/02/27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV - [2009/07/14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/07/05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV - [2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2010/11/21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/03/03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV - [2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV - [2009/07/14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/10/03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/05/24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) No service found with a name of EMDMgmt SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2010/11/21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2010/11/21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/05/01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver) SRV - [2010/11/21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2012/06/03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2009/07/14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b:6ace35c276]64bit:[/b:6ace35c276] - [2010/11/21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#E56717:6ace35c276]========== Drive Information ==========[/color:6ace35c276] Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: IDE Media Type: Fixed hard disk media Model: WDC WD3200AAJS-00YFA0 ATA Device Partitions: 1 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE1 - Interface type: USB Media Type: Model: Generic USB SD Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE2 - Interface type: USB Media Type: Model: Generic USB CF Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE3 - Interface type: USB Media Type: Model: Generic USB SM Reader USB Device Partitions: 0 Status: OK Status Info: 0 Drive: \\\\.\\PHYSICALDRIVE4 - Interface type: USB Media Type: Model: Generic USB MS Reader USB Device Partitions: 0 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 298.00GB Starting Offset: 1048576 Hidden sectors: 0 [color=#A23BEC:6ace35c276]< %systemroot%\system32\*.dll /lockedfiles >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< %systemroot%\Tasks\*.job /lockedfiles >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< %systemroot%\system32\*.exe /lockedfiles >[/color:6ace35c276] [color=#A23BEC:6ace35c276]< %PROGRAMFILES%\* >[/color:6ace35c276] [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] < End of report >

[anoniem]

OTL Extras logfile created on: 5/30/2013 1:40:39 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Leroy\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.51% Memory free 4.00 Gb Paging File | 2.43 Gb Available in Paging File | 60.89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298.09 Gb Total Space | 121.01 Gb Free Space | 40.59% Space Free | Partition Type: NTFS Drive E: | 6.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 376.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: LEROY-PC | User Name: Leroy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:9645ae4d91]========== Extra Registry (SafeList) ==========[/color:9645ae4d91] [color=#E56717:9645ae4d91]========== File Associations ==========[/color:9645ae4d91] [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2743922135-3053947181-1030724633-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:9645ae4d91]========== Shell Spawning ==========[/color:9645ae4d91] [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717:9645ae4d91]========== Security Center Settings ==========[/color:9645ae4d91] [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:9645ae4d91]64bit:[/b:9645ae4d91] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:9645ae4d91]========== Firewall Settings ==========[/color:9645ae4d91] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717:9645ae4d91]========== Authorized Applications List ==========[/color:9645ae4d91] [color=#E56717:9645ae4d91]========== Vista Active Open Ports Exception List ==========[/color:9645ae4d91] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0409B887-BE1F-4588-9886-56B074907829}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{263DB45C-4944-4E5D-853E-95DBFFA850EE}" = rport=445 | protocol=6 | dir=out | app=system | "{3BF085D7-1DA0-417C-A80E-D5CBFFF93524}" = rport=137 | protocol=17 | dir=out | app=system | "{3EDF67BE-8007-430D-9360-DB1FBA94D911}" = lport=137 | protocol=17 | dir=in | app=system | "{4E39BBDE-82D7-4057-A262-551B6057EFA3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6494FE6F-0043-4D8A-BDAB-37EC69FC3B79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{655F7E64-3769-4E24-8EB8-B6B046BA4E8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{695662BA-DE4E-4E1E-AAF5-B9434A7D879D}" = lport=139 | protocol=6 | dir=in | app=system | "{695A72B6-1B9F-47B6-9CE4-1E646557FE3D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6C53A10E-47A4-4665-92B7-93D220EE8EC8}" = lport=2869 | protocol=6 | dir=in | app=system | "{6D4A6960-B832-4E93-B928-CDDED3FE8040}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6EE595A6-18EE-4B9D-BF8C-DF5BE06FD980}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7FF1C30B-185F-40C4-B7D6-785E4E1EE600}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{A5925464-ACAF-44F8-9D81-43E5789EA3F3}" = lport=138 | protocol=17 | dir=in | app=system | "{AABF159D-D99D-4528-9A62-E05E86FABA5A}" = lport=445 | protocol=6 | dir=in | app=system | "{BBF0CA52-6426-4432-B9D6-D97484A2D613}" = rport=139 | protocol=6 | dir=out | app=system | "{DA9ABF38-6050-452A-A66E-59DF972B62F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E059EAE1-BD79-4643-BAD7-62FF25D9ED51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E9A43C44-FA98-4499-9D57-7615DAEC5FE5}" = lport=10243 | protocol=6 | dir=in | app=system | "{EA9FAD66-EBC4-4BA1-9968-CCEA0A2A522C}" = rport=10243 | protocol=6 | dir=out | app=system | "{F00EE5E4-37A0-44DD-B664-6F7B2AB0C4AA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F742B268-ECF7-4096-974F-A4AFF0A45049}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717:9645ae4d91]========== Vista Active Application Exception List ==========[/color:9645ae4d91] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EB5041D-38BF-440D-93CC-FEDDD3D38DA8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1AD8DD7D-760C-440A-A23D-00CC4BB998FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{26979FA2-45ED-4471-9EC4-4DA3E46DB2C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{27C9D537-94D8-4B8A-9F04-1F8527D90B63}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{284C8F1F-D69C-4553-8EAF-2C25364B9D0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2E79A84B-1A24-4F7F-8D62-042611FEEE37}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{2F408608-8048-453B-AE51-4D335F0A77FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{413481F3-0D57-41C1-B7E1-22AA18CE4537}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "{43F5897C-A86F-4578-8DA2-4E5665555470}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4C3574B9-F9E1-4DC7-8329-4E1CEEB4045C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4D4467B0-2346-4773-B856-E3720EDFDAAD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{53395776-8DC6-4E83-B7D8-881CA0303018}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{5701A091-77C1-4C6D-BE10-6EB8D110A9F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "{5F660651-2E2B-4E7E-A4D6-46F973FD9F7C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{751099DC-49B9-4649-AB8B-E5FD7303094B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7C564D4F-0F6A-4673-BB69-40EF40568D41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{8116A887-9900-4007-BDEB-C0995ED53AAA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8DB2DDA7-9A91-4BDA-BF32-A3C3B6D5C832}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{8FD6D441-2CC6-485C-B77C-5BD7DB00B05D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{926CF009-B00D-45C3-8920-8926B55422C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A9DE6B2E-0A4F-4BAE-A1A0-5224F89BEE94}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AADA76DA-5CAA-4B5E-94E1-333265D26D1E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AF6789E1-30B9-4C20-96D5-126CA0D9041B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{C04FB480-1AD8-477C-8CAF-36C332F70955}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C3E82AE2-51C6-4E42-B44B-0E3877C06733}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C9611EFF-FFC9-4819-9A16-BF7504E2C8EB}" = protocol=6 | dir=in | app=c:\users\leroy\appdata\roaming\bittorrent\bittorrent.exe | "{CAD93B83-488A-4D6A-B985-C63C5590C8DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E28E7218-A588-4FAE-A4AA-63E932F28370}" = protocol=6 | dir=out | app=system | "{E72C5C38-1263-41BD-A072-EF2AAA6B76D8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{EBEA8863-48A3-4390-A606-8821DB58E7DA}" = protocol=17 | dir=in | app=c:\users\leroy\appdata\roaming\bittorrent\bittorrent.exe | "{F19BE66E-31DD-4768-842B-D02104AAF983}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FCB52F9D-F36E-4C68-8666-B08017369561}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "TCP Query User{1696F0B4-5392-4806-B12C-37910C2461D9}C:\games\assassin's creed 3\ac3sp.exe" = protocol=6 | dir=in | app=c:\games\assassin's creed 3\ac3sp.exe | "TCP Query User{4978C814-0BC3-43BA-9331-84C55FCFA829}C:\users\leroy\downloads\fifa 13 =fifa soccer 13= pc full game ^^nosteam^^\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\users\leroy\downloads\fifa 13 =fifa soccer 13= pc full game ^^nosteam^^\fifa 13\game\fifa13.exe | "TCP Query User{AD9684E5-C933-4C62-B896-B0C72539F183}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "TCP Query User{E4320726-A198-471B-83A6-7EDE4918DA14}C:\program files (x86)\songbird\songbird.exe" = protocol=6 | dir=in | app=c:\program files (x86)\songbird\songbird.exe | "UDP Query User{110CBA79-56E9-4924-8F7B-A889A573A6D8}C:\games\assassin's creed 3\ac3sp.exe" = protocol=17 | dir=in | app=c:\games\assassin's creed 3\ac3sp.exe | "UDP Query User{3578FC41-4A89-42E6-845A-FE222239D8A9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "UDP Query User{E65E7D74-6A69-46D0-BABA-34372800FF46}C:\users\leroy\downloads\fifa 13 =fifa soccer 13= pc full game ^^nosteam^^\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\users\leroy\downloads\fifa 13 =fifa soccer 13= pc full game ^^nosteam^^\fifa 13\game\fifa13.exe | "UDP Query User{F8DC6D2B-487B-4736-A071-E1E7BE34B28E}C:\program files (x86)\songbird\songbird.exe" = protocol=17 | dir=in | app=c:\program files (x86)\songbird\songbird.exe | [color=#E56717:9645ae4d91]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:9645ae4d91] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "WinRAR archiver" = WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}" = Full Tilt Poker.Eu "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Nederlands "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "BitTorrent" = BitTorrent "Crack Windows 7 x64 x86 2.0" = Crack Windows 7 x64 x86 2.0 "DAEMON Tools Ultra" = DAEMON Tools Ultra "GOGPACKREUS_is1" = Reus "Google Chrome" = Google Chrome "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "Mozilla Firefox 21.0 (x86 nl)" = Mozilla Firefox 21.0 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.SingleImage" = Microsoft Office Professional 2010 "Songbird-release-2453" = Songbird 2.2.0 (Build 2453) "Steam App 219640" = Chivalry: Medieval Warfare "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Uplay" = Uplay "VLC media player" = VLC media player 2.0.6 "Windows 7 Activation Crack v3.5" = Windows 7 Activation Crack v3.5 [color=#E56717:9645ae4d91]========== Last 20 Event Log Errors ==========[/color:9645ae4d91] [ Application Events ] Error - 5/28/2013 2:55:47 AM | Computer Name = Leroy-PC | Source = WinMgmt | ID = 10 Description = Error - 5/29/2013 3:01:36 AM | Computer Name = Leroy-PC | Source = WinMgmt | ID = 10 Description = Error - 5/30/2013 3:18:59 AM | Computer Name = Leroy-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 5/29/2013 3:02:23 AM | Computer Name = Leroy-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error - 5/29/2013 3:02:24 AM | Computer Name = Leroy-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error - 5/29/2013 3:02:38 AM | Computer Name = Leroy-PC | Source = Service Control Manager | ID = 7038 Description = De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%1330 Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Error - 5/29/2013 3:02:38 AM | Computer Name = Leroy-PC | Source = Service Control Manager | ID = 7000 Description = De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart: %%1069 Error - 5/29/2013 3:06:13 AM | Computer Name = Leroy-PC | Source = Service Control Manager | ID = 7022 Description = De Windows Update-service is bij het starten vastgelopen. Error - 5/30/2013 2:44:49 AM | Computer Name = Leroy-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error - 5/30/2013 3:19:54 AM | Computer Name = Leroy-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error - 5/30/2013 3:19:55 AM | Computer Name = Leroy-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error - 5/30/2013 3:20:46 AM | Computer Name = Leroy-PC | Source = Service Control Manager | ID = 7038 Description = De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%1330 Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Error - 5/30/2013 3:20:46 AM | Computer Name = Leroy-PC | Source = Service Control Manager | ID = 7000 Description = De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart: %%1069 < End of report >

[anoniem]

[b:8adbae85ce]Sluit voordat [color=#008000:8adbae85ce]OTL[/color:8adbae85ce] de fix gaat doen, eerst alle andere openstaande vensters![/b:8adbae85ce] [list:8adbae85ce][*:8adbae85ce][b:8adbae85ce][color=#0000FF:8adbae85ce]Windows 2000[/color:8adbae85ce][/b:8adbae85ce] en [color=#0000FF:8adbae85ce][b:8adbae85ce]Windows XP[/b:8adbae85ce][/color:8adbae85ce]: dubbelklik op [b:8adbae85ce]OTL.exe[/b:8adbae85ce]. [*:8adbae85ce][color=#0000FF:8adbae85ce][b:8adbae85ce]Windows Vista[/b:8adbae85ce][/color:8adbae85ce], [color=#0000FF:8adbae85ce][b:8adbae85ce]Windows 7[/b:8adbae85ce][/color:8adbae85ce] en [color=#0000FF:8adbae85ce][b:8adbae85ce]Windows 8[/b:8adbae85ce][/color:8adbae85ce]: via rechtsklik op [b:8adbae85ce]OTL.exe[/b:8adbae85ce] en kies voor "Als Administrator uitvoeren". [b:8adbae85ce][*:8adbae85ce]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het venster onder [img:8adbae85ce]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:8adbae85ce][/b:8adbae85ce][/list:u:8adbae85ce] [code:1:8adbae85ce] :OTL O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - AutoRun File - [2012/09/25 19:55:04 | 000,000,065 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{a8feb63a-905f-11e2-a704-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{a8feb63a-905f-11e2-a704-001d922145d7}\Shell\AutoRun\command - "" = E:\Installer.exe -- [2011/10/22 19:55:30 | 000,580,608 | R--- | M] (RELOADED) O33 - MountPoints2\{dc2a7a27-ab16-11e2-8804-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{dc2a7a27-ab16-11e2-8804-001d922145d7}\Shell\AutoRun\command - "" = L:\Autorun.exe O33 - MountPoints2\{e16aa805-aa3e-11e2-9e98-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{e16aa805-aa3e-11e2-9e98-001d922145d7}\Shell\AutoRun\command - "" = J:\Setup.exe O33 - MountPoints2\{e16aa812-aa3e-11e2-9e98-001d922145d7}\Shell - "" = AutoRun O33 - MountPoints2\{e16aa812-aa3e-11e2-9e98-001d922145d7}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Installer.exe -- [2011/10/22 19:55:30 | 000,580,608 | R--- | M] (RELOADED) MsConfig:64bit - StartUpReg: 93f19dda2412c86ad7520ba4198f39a0 - hkey= - key= - File not found MsConfig:64bit - StartUpReg: 94a40d183a1e5b33be1cb7d99b0c9e16 - hkey= - key= - File not found :Services :Reg :Files ipconfig /flushdns /c :Commands [purity] [emptytemp] [resethosts] [emptyjava] [emptyflash] [createrestorepoint] [reboot][/code:1:8adbae85ce] [list:8adbae85ce][*:8adbae85ce]Klik daarna bovenaan op [img:8adbae85ce]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:8adbae85ce] [*:8adbae85ce]Laat het programma ongestoord zijn werk doen. [*:8adbae85ce][color=#FF0000:8adbae85ce][b:8adbae85ce]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:8adbae85ce][/color:8adbae85ce] [*:8adbae85ce]Klik op [b:8adbae85ce]OK[/b:8adbae85ce] [*:8adbae85ce]Na het opnieuw opstarten wordt enkel een nieuw log geopend. [*:8adbae85ce]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:8adbae85ce]