autoaim by sae typer by murgee软件怎么用
点击联系发帖人
时间:2017-05-25 10:10
Please click
if you are not redirected within a few seconds.
Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.
Javascript Disabled Detected
You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.
Web Browser Injection
Started by
blackfire88
This topic is locked
blackfire88
Whenever i am browsing the internet, certain keywords like power are underlined, are green and link to an advertisement.
Something really weird called text-enhance...?
Advertisements
Hi,Download
to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Check the box that says Scan All Users.Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit-&Select All, Edit-&Copy) the contents of these files, one at a time and post them in your topic.
blackfire88
OTL logfile created on: 8/21/:57 PM - Run 1OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Public\Music\sexy music64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.)Locale:
| Country: United States | Language: ENU | Date Format: M/d/yyyy 7.96 Gb Total Physical Memory | 4.37 Gb Available Physical Memory | 54.96% Memory free15.92 Gb Paging File | 11.62 Gb Available in Paging File | 73.01% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 1862.92 Gb Total Space | 1652.03 Gb Free Space | 88.68% Space Free | Partition Type: NTFS Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [ 18:14:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Music\sexy music\OTL.exePRC - [ 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exePRC - [ 08:21:12 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exePRC - [ 09:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exePRC - [ 17:35:38 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exePRC - [ 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [ 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exePRC - [ 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exePRC - [ 19:43:20 | 007,797,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exePRC - [ 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exePRC - [ 19:14:11 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exePRC - [ 15:32:56 | 000,428,336 | ---- | M] (Tesline-service) -- C:\Program Files (x86)\KidLogger\Kidlogger.exePRC - [ 22:36:33 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exePRC - [ 04:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exePRC - [ 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\SDKLauncher.exePRC - [ 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\hammer.exePRC - [ 22:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exePRC - [ 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exePRC - [ 22:49:08 | 006,974,464 | ---- | M] (The Audacity Team) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exePRC - [ 13:46:40 | 000,697,640 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exePRC - [ 16:10:48 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exePRC - [ 18:50:10 | 002,011,205 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files (x86)\Software Informer\softinfo.exePRC - [ 13:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exePRC - [ 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\UNS\UNS.exePRC - [ 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\LMS\LMS.exePRC - [ 13:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exePRC - [ 13:32:30 | 012,193,852 | ---- | M] (Macromedia Inc.) -- C:\Program Files (x86)\Macromedia\Fireworks MX\Fireworks.exe
========== Modules (No Company Name) ========== MOD - [ 17:30:52 | 000,155,232 | -H-- | M] () -- C:\Users\ASUS\AppData\Local\Temp\~2C4A.tmpMOD - [ 19:42:42 | 000,154,624 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;garrysmod\garrysmod\bin\game_shader_generic_garrysmod.dllMOD - [ 17:51:23 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vgui2.dllMOD - [ 17:51:23 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\FileSystem_Steam.dllMOD - [ 08:21:59 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dllMOD - [ 08:21:59 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asiMOD - [ 08:21:59 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asiMOD - [ 08:21:51 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dllMOD - [ 08:21:51 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dllMOD - [ 08:21:51 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dllMOD - [ 08:21:51 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dllMOD - [ 17:44:49 | 001,234,272 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vguimatsurface.dllMOD - [ 17:44:49 | 001,017,184 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\MaterialSystem.dllMOD - [ 17:44:49 | 000,243,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx6.dllMOD - [ 17:44:49 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\tier0.dllMOD - [ 17:44:49 | 000,181,600 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx7.dllMOD - [ 17:44:49 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\inputsystem.dllMOD - [ 17:44:48 | 001,500,512 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\shaderapidx9.dllMOD - [ 17:44:48 | 000,931,160 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vphysics.dllMOD - [ 17:44:48 | 000,550,240 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx9.dllMOD - [ 17:44:48 | 000,460,128 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\StudioRender.dllMOD - [ 17:44:48 | 000,431,472 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\FileSystemOpenDialog.dllMOD - [ 17:44:48 | 000,365,920 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx8.dllMOD - [ 17:44:48 | 000,243,032 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\datacache.dllMOD - [ 17:44:48 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vstdlib.dllMOD - [ 17:44:48 | 000,169,312 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dbg.dllMOD - [ 04:28:48 | 000,076,288 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b--bfb0-b2}\components\RadioWMPCoreGecko5.dllMOD - [ 09:36:57 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dllMOD - [ 18:39:20 | 011,213,288 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\libcef.dllMOD - [ 17:03:55 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dllMOD - [ 03:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dllMOD - [ 15:32:58 | 000,108,848 | ---- | M] () -- C:\Program Files (x86)\KidLogger\kidlog.dllMOD - [ 14:42:14 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dllMOD - [ 21:02:57 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\vgui2.dllMOD - [ 21:02:57 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\FileSystem_Steam.dllMOD - [ 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\SDKLauncher.exeMOD - [ 21:02:56 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\tier0.dllMOD - [ 21:02:56 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\vstdlib.dllMOD - [ 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\hammer.exeMOD - [ 21:02:56 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\inputsystem.dllMOD - [ 12:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [ 10:44:30 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_net_vc_custom.dllMOD - [ 10:44:26 | 000,472,064 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_html_vc_custom.dllMOD - [ 10:44:10 | 000,678,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_adv_vc_custom.dllMOD - [ 10:43:52 | 002,779,136 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_core_vc_custom.dllMOD - [ 10:42:40 | 001,146,368 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_vc_custom.dllMOD - [ 09:52:26 | 033,735,976 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\Res.dllMOD - [ 08:38:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\sc4_1882.dllMOD - [ 08:38:48 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\gverb_1216.dllMOD - [ 08:38:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\hard_limiter_1413.dllMOD - [ 09:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dllMOD - [ 09:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dllMOD - [ 09:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dllMOD - [ 13:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dllMOD - [ 13:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dllMOD - [ 04:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLLMOD - [ 22:54:32 | 000,657,920 | ---- | M] () -- C:\Program Files (x86)\File Shredder\fsshell.dllMOD - [ 11:09:42 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\FlashPlayerW.dllMOD - [ 12:14:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\TwainAgent.x32MOD - [ 12:14:06 | 004,558,910 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\gsdll32.dllMOD - [ 12:13:48 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\BMP Import Export.x32
========== Win32 Services (SafeList) ========== SRV:64bit: - [ 22:15:44 | 001,844,736 | ---- | M] (Proxy Labs) [Auto | Running] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)SRV:64bit: - [ 15:51:57 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)SRV:64bit: - [ 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)SRV:64bit: - [ 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [ 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)SRV - [ 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [ 17:35:38 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)SRV - [ 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [ 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)SRV - [ 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)SRV - [ 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)SRV - [ 12:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)SRV - [ 12:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)SRV - [ 11:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)SRV - [ 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)SRV - [ 03:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)SRV - [ 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.3;mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [ 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\UNS\UNS.exe -- (UNS) Intel&SRV - [ 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\LMS\LMS.exe -- (LMS) Intel&SRV - [ 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.5;mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:64bit: - [ 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR210.SYS -- (SMR210)DRV:64bit: - [ 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symnets.sys -- (SymNetS)DRV:64bit: - [ 16:16:16 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)DRV:64bit: - [ 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [ 13:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)DRV:64bit: - [ 13:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\srtsp64.sys -- (SRTSP)DRV:64bit: - [ 13:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)DRV:64bit: - [ 12:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symefa64.sys -- (SymEFA)DRV:64bit: - [ 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [ 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [ 16:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symds64.sys -- (SymDS)DRV:64bit: - [ 15:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\ironx64.sys -- (SymIRON)DRV:64bit: - [ 12:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)DRV:64bit: - [ 23:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)DRV:64bit: - [ 23:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)DRV:64bit: - [ 23:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [ 21:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)DRV:64bit: - [ 21:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)DRV:64bit: - [ 21:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)DRV:64bit: - [ 21:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [ 14:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)DRV:64bit: - [ 14:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)DRV:64bit: - [ 06:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)DRV:64bit: - [ 03:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)DRV:64bit: - [ 18:40:06 | 000,032,872 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tsvp.sys -- (TsVp)DRV:64bit: - [ 14:14:04 | 000,022,120 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsvlb.sys -- (TsVlb)DRV:64bit: - [ 13:33:07 | 000,021,608 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cv2k1.sys -- (CV2K1)DRV:64bit: - [ 13:48:28 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)DRV:64bit: - [ 13:48:26 | 000,376,304 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)DRV:64bit: - [ 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel&DRV:64bit: - [ 10:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)DRV:64bit: - [ 20:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)DRV:64bit: - [ 13:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)DRV:64bit: - [ 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [ 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [ 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [ 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [ 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [ 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [ 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [ 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [ 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)DRV:64bit: - [ 20:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)DRV - [ 16:10:23 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\VirusDefs\\EX64.SYS -- (NAVEX15)DRV - [ 16:10:23 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\VirusDefs\\ENG64.SYS -- (NAVENG)DRV - [ 01:07:58 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\IPSDefs\\IDSviA64.sys -- (IDSVia64)DRV - [ 16:11:02 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)DRV - [ 16:11:02 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)DRV - [ 10:27:21 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\BASHDefs\\BHDrvx64.sys -- (BHDrvx64)DRV - [ 14:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)DRV - [ 15:10:38 | 000,146,928 | ---- | M] (CyberLink Corp.) [ 11:31:44] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B0F-42cc-FBDF4BD})DRV - [ 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 10 AA 90 8C F6 CB 01 [binary data]IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: &ProxyEnable& = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: &ProxyOverride& = *.local ========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)FF - HKLM\Software\MozillaPlugins\@/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.2;npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0a-AA10-DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\IPSFFPlgn\ [ 22:01:16 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\coFFPlgn__8 [ 16:17:01 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [ 09:36:57 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [ 15:58:41 | 000,000,000 | ---D | M] [ 10:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Extensions[ 16:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions[ 09:51:21 | 000,000,000 | ---D | M] (&Winamp Toolbar&) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{0b3-484d-a11f-5e04a9b0661f}[ 13:02:39 | 000,000,000 | ---D | M] (primarytarget Community Toolbar) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b--bfb0-b2}[ 16:09:59 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}[ 20:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[ 16:33:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-24-ABCDEFFEDCBA}[ 20:33:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-26-ABCDEFFEDCBA}[ 09:36:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[ 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll[ 04:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll[ 17:57:14 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[ 01:17:40 | 000,005,529 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchquWebSearch.xml O1 HOSTS File: ([ 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF--95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-FC} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)O2 - BHO: (Searchqu Toolbar) - {f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19--FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19--FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)O4:64bit: - HKLM..\Run: [ProxyCap] C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe (Proxy Labs)O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)O4 - HKCU..\Run: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe ()O4 - HKCU..\Run: [fsm] File not foundO4 - HKCU..\Run: [MS Shell Services] C:\Program Files (x86)\KidLogger\Kidlogger.exe (Tesline-service)O4 - HKCU..\Run: [Software Informer] C:\Program Files (x86)\Software Informer\softinfo.exe (Informer Technologies, Inc.)O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)O4 - HKCU..\RunOnce: [*NMRUI] C:\Users\ASUS\Downloads\NPE.exe (Symantec Corporation)O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O10:64bit: - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)O10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)O10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO13 - gopher Prefix: missingO13 - gopher Prefix: missingO16 - DPF: {8AD9C840-044E-11D1-B3E9-}
(Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-26-ABCDEFFEDCBA}
(Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
(Java Plug-in 1.6.0_26)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-}
(Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1O18:64bit: - Protocol\Handler\livecall {-22C1-EF} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\ms-help {-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\msnim {-22C1-EF} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB--10D7BE1653C0} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not foundO20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD)O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35:64bit: - HKLM\..comfile [open] -- &%1& %*O35:64bit: - HKLM\..exefile [open] -- &%1& %*O35 - HKLM\..comfile [open] -- &%1& %*O35 - HKLM\..exefile [open] -- &%1& %*O37:64bit: - HKLM\...com [@ = comfile] -- &%1& %*O37:64bit: - HKLM\...exe [@ = exefile] -- &%1& %*O37 - HKLM\...com [@ = comfile] -- &%1& %*O37 - HKLM\...exe [@ = exefile] -- &%1& %* ========== Files/Folders - Created Within 30 Days ========== [ 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Voice Files[ 15:06:44 | 000,586,992 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CddbLinkSony.dll[ 15:06:43 | 001,340,656 | ---- | C] (Gracenote, Inc.) -- C:\Windows\SysWow64\CDDBControlSony.dll[ 15:06:43 | 001,029,360 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CDDBUISony.dll[ 15:06:43 | 000,573,440 | ---- | C] () -- C:\Windows\SysWow64\id3lib.dll[ 15:06:43 | 000,028,672 | ---- | C] ( Sony/AC開発部) -- C:\Windows\SysWow64\spc.dll[ 15:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Digital Voice Editor 3[ 19:19:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2DC-48DA-8FB1-41E}[ 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{96F88E7C-CDF5-44E2-9B54-B6E42D410927}[ 10:58:10 | 000,000,000 | ---D | C] -- C:\cellcity[ 09:24:25 | 000,000,000 | ---D | C] -- C:\cs_forest_dense[ 08:31:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ABC0E34D-DC45--CC8}[ 18:49:19 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS[ 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6D325F9D--BA23-E9C70C3C3D2B}[ 16:26:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5A567BCE-E82E-40B3-8EF5-E12}[ 22:41:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{8B5020BD-3EBB-49BD-810C-DD2A433591DD}[ 22:41:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2D9E0E1C-E7FE-4190-88AD-D5B7}[ 18:39:14 | 000,000,000 | ---D | C] -- C:\ZombieMod[ 21:51:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5C0E5A23-0FED-E71A2F218A7}[ 21:51:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{964FE5C3-8D33-4455-AA5B-3D38C0060DCA}[ 21:50:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A13FE584--B33E-F47DAA7658B3}[ 11:00:03 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\BuildRPmap[ 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\GameMaker[ 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Maker 8.1[ 17:38:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\blahblahblah[ 10:30:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{83FBA4DF-6F4F--57E6E6F43296}[ 10:30:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AF74C817--9A21-}[ 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (9)[ 19:52:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D18D-46B0-994E-96D}[ 19:52:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5EBE-44C0-8E75-CE14307DE28B}[ 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B2-42DC-A0D2-CBE}[ 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-01AA-4CDA-AF96-31C27C4ABAE8}[ 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\en[ 16:19:13 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{17B171B2-B009-484E-9DA4-76B95C7CB75A}[ 16:18:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BDA491D2-A211--F5DE3E3A0E5B}[ 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C3E12A13-43CF-4FF5-AB6B-B}[ 15:49:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C9B60AF4-5B7D-4DB2-91DC-E1C86D659922}[ 15:24:08 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\GayMaker 8.1[ 11:15:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\My Games[ 20:59:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AutoTyperMurGee[ 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Typer by MurGee[ 20:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Typer[ 16:41:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\[bleep]ing rapist[ 20:25:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4D8CECCE-592C-4C2F-8AA9-884C716BA456}[ 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{F5-46FD-B781-42FDD079BA65}[ 20:18:14 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{CEE022E2--B101-9D59BD91EC27}[ 17:42:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-0759-46AC-A7E8-4D}[ 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A-45ED-A551-D9}[ 17:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Proxy Labs[ 08:20:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{E56BF31B-DDF9-4B84-D0BC9DB}[ 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\.thumbnails[ 18:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation[ 18:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation[ 17:57:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{FA9C7C3C-A2AD-4F73-B1B6-53DE}[ 17:57:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{13EDAC6F-B954-41B0-9A58-A063A6B2CDC3}[ 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{765BD257-691F-4F87-AEE0-DDCFF1212FC8}[ 22:08:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22F14B11-DE94-49A6-A9F6-AF8F376522CA}[ 20:42:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{04B7C995-D8E5-4E4E-B06C-2B418DB43702}[ 20:42:31 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{12CAC87A-2DE9-44EB-A7D6-1A22CD6AC28A}[ 20:30:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4BD-5CB23B808A}[ 20:30:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B8F8BA56-9887-4AAD-A261-0FB8B20703B2}[ 20:29:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A8DD7AD7-12ED-4A68-99F4-9CD96B40E79B}[ 19:40:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C349C6DE-ED2C-42AE-8B53-FE3C5EA778FB}[ 19:39:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D4F-444E-A81001E}[ 18:54:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-B184-4A63-9F75-40C943CFD38A}[ 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{92F955AD-4842-4BDC-A13E-B65A}[ 18:03:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{32F864BE-DC6B-4B2F-BC86-CE}[ 17:50:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22BFB1CE-0D26-4502-BCDD-2E}[ 16:43:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{596BBB5F-F004-4CA4-A529-4AF568A8E7A8}[ 16:43:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{0DFC-42E2-A9D8-EBEE}[ 08:22:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6-4368-BFBA-4BCC880DE851}[ 08:22:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{95FA46DB-CBC3-47CF-9DBC-C49C}[ 19:16:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{EFE-427F-DFC76A65}[ 19:15:32 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ADE3CA25-FBC4-0DD4AFEDB7}[ 11:37:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BD9186FF-B612-45D6-B6DA-79D0D788EE6D}[ 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BB5D43BF-95F8-4D7E-BA87-A0E7}[ 11:26:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{371C7D32-0ED4-4EB5-AAAE-CC2C2AC8E9DD}[ 17:01:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9[ 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\styles[ 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\language[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\includes[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\download[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\adm[ 16:00:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9[ 21:42:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Maps[ 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{934DF828-916B-45F9-BA50-FA38E2B217EC}[ 19:53:54 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{200DE421--8138-4DAE789FCC10}[ 16:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5D8F06F0-E-AF77-B1CC}[ 22:17:16 | 000,413,696 | ---- | C] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll[ 22:17:12 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll[ 22:15:40 | 000,526,336 | ---- | C] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll[ 22:15:36 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysNative\sbcrreag.dll[ 14:27:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (8)[ 14:13:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{72-4C48-B905-4D}[ 21:15:26 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\usb[ 15:26:58 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{35C5BE5B-30E3--DDCF}[ 14:41:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{DA-4C4B-B873-4D98DD388D08}[ 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC[ 16:08:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{24702B6C-A328-4D1F-BFC1-F73AF21D3C07}[ 16:06:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{1A35724D-C2BF-490C-92BE-EDD}[ 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Vitalwerks[ 16:05:22 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC[ 16:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP[ 12:58:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VTF Shell Extensions[ 12:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\VTF Shell Extensions[ 16:17:35 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C5BC185A-173E-46D4-AE90605ED}[ 18:02:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AD0DC9D8-D5F5-4FDA-B2B8-}[ 21:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyFrom Trial[ 21:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyFrom Trial[ 21:02:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{276C5D26-D1DD-437D-A0FF-611BB5DA7F25}[ 19:49:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22B4FB07-87CA-44F4-B803-2B}[ 07:48:39 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C4CC1D48-033B-44A2-B045-157E97905EAC}[ 15:41:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{F60FA566-7F9C-45DC-802A-8950C6EAC7AD}[2 C:\Windows\*.tmp files -& C:\Windows\*.tmp -& ][2 C:\*.tmp files -& C:\*.tmp -& ] ========== Files - Modified Within 30 Days ========== [ 18:14:40 | 000,000,063 | ---- | M] () -- C:\Users\ASUS\Desktop\T.URL[ 15:57:33 | 001,767,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[ 15:57:33 | 000,504,154 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[ 15:57:33 | 000,006,608 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[ 15:06:26 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk[ 08:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[ 21:16:03 | 000,017,529 | ---- | M] () -- C:\Users\ASUS\Documents_843.dmp.png[ 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B.C9-439d-D005A0[ 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B.C9-439d-D005A0[ 19:01:37 | 000,011,500 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR210.dat[ 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS[ 16:16:44 |
| -HS- | M] () -- C:\hiberfil.sys[ 15:23:29 | 000,007,612 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg[ 03:34:19 | 000,321,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[ 03:09:09 | 000,006,590 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[ 18:11:58 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk[ 10:51:42 | 000,001,418 | ---- | M] () -- C:\Users\ASUS\Desktop\th_overlay.png[ 10:27:08 | 000,177,915 | ---- | M] () -- C:\Users\ASUS\Desktop\bedandpillow.zip[ 09:51:04 | 000,064,682 | ---- | M] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip[ 09:40:12 | 000,039,004 | ---- | M] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip[ 17:00:51 | 000,594,999 | ---- | M] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz[ 16:05:20 | 000,068,469 | ---- | M] () -- C:\Users\ASUS\Desktop\viewtopic.php[ 16:05:20 | 000,000,625 | ---- | M] () -- C:\Users\ASUS\Desktop\web.config[ 16:05:18 | 000,060,187 | ---- | M] () -- C:\Users\ASUS\Desktop\posting.php[ 16:05:18 | 000,044,344 | ---- | M] () -- C:\Users\ASUS\Desktop\search.php[ 16:05:18 | 000,028,774 | ---- | M] () -- C:\Users\ASUS\Desktop\viewforum.php[ 16:05:18 | 000,009,649 | ---- | M] () -- C:\Users\ASUS\Desktop\ucp.php[ 16:05:18 | 000,008,093 | ---- | M] () -- C:\Users\ASUS\Desktop\style.php[ 16:05:16 | 000,062,900 | ---- | M] () -- C:\Users\ASUS\Desktop\memberlist.php[ 16:05:14 | 000,039,606 | ---- | M] () -- C:\Users\ASUS\Desktop\feed.php[ 16:05:14 | 000,004,515 | ---- | M] () -- C:\Users\ASUS\Desktop\cron.php[ 16:05:14 | 000,003,836 | ---- | M] () -- C:\Users\ASUS\Desktop\common.php[ 15:59:49 | 001,564,431 | ---- | M] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip[ 22:17:16 | 000,413,696 | ---- | M] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll[ 22:17:12 | 000,315,392 | ---- | M] ( ) -- C:\Windows\SysWow64\sbcrreag.dll[ 22:15:40 | 000,526,336 | ---- | M] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll[ 22:15:36 | 000,356,352 | ---- | M] ( ) -- C:\Windows\SysNative\sbcrreag.dll[ 21:35:03 | 000,002,465 | ---- | M] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk[2 C:\Windows\*.tmp files -& C:\Windows\*.tmp -& ][2 C:\*.tmp files -& C:\*.tmp -& ] ========== Files Created - No Company Name ========== [ 18:14:40 | 000,000,063 | ---- | C] () -- C:\Users\ASUS\Desktop\T.URL[ 15:06:43 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\mp3dec.dll[ 15:06:43 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dsp_trc.dll[ 15:06:43 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll[ 15:06:26 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk[ 21:16:03 | 000,017,529 | ---- | C] () -- C:\Users\ASUS\Documents_843.dmp.png[ 18:49:20 | 000,011,500 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR210.dat[ 17:35:48 | 000,002,601 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProxyCap.lnk[ 18:11:56 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk[ 10:51:41 | 000,001,418 | ---- | C] () -- C:\Users\ASUS\Desktop\th_overlay.png[ 10:27:06 | 000,177,915 | ---- | C] () -- C:\Users\ASUS\Desktop\bedandpillow.zip[ 09:51:01 | 000,064,682 | ---- | C] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip[ 09:40:10 | 000,039,004 | ---- | C] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip[ 17:01:17 | 000,068,469 | ---- | C] () -- C:\Users\ASUS\Desktop\viewtopic.php[ 17:01:17 | 000,062,900 | ---- | C] () -- C:\Users\ASUS\Desktop\memberlist.php[ 17:01:17 | 000,060,187 | ---- | C] () -- C:\Users\ASUS\Desktop\posting.php[ 17:01:17 | 000,044,344 | ---- | C] () -- C:\Users\ASUS\Desktop\search.php[ 17:01:17 | 000,028,774 | ---- | C] () -- C:\Users\ASUS\Desktop\viewforum.php[ 17:01:17 | 000,009,649 | ---- | C] () -- C:\Users\ASUS\Desktop\ucp.php[ 17:01:17 | 000,008,093 | ---- | C] () -- C:\Users\ASUS\Desktop\style.php[ 17:01:17 | 000,000,625 | ---- | C] () -- C:\Users\ASUS\Desktop\web.config[ 17:01:16 | 000,039,606 | ---- | C] () -- C:\Users\ASUS\Desktop\feed.php[ 17:01:16 | 000,004,515 | ---- | C] () -- C:\Users\ASUS\Desktop\cron.php[ 17:01:16 | 000,003,836 | ---- | C] () -- C:\Users\ASUS\Desktop\common.php[ 16:58:12 | 000,594,999 | ---- | C] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz[ 15:59:42 | 001,564,431 | ---- | C] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip[ 21:35:03 | 000,002,465 | ---- | C] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk[ 18:43:48 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini[ 13:36:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\hash.dat[ 18:51:08 | 000,007,612 | ---- | C] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg[ 21:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll[ 16:52:34 | 000,006,590 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[ 16:43:24 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe[ 16:43:19 | 000,075,136 | }
if you are not redirected within a few seconds.
Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.
Javascript Disabled Detected
You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.
Web Browser Injection
Started by
blackfire88
This topic is locked
blackfire88
Whenever i am browsing the internet, certain keywords like power are underlined, are green and link to an advertisement.
Something really weird called text-enhance...?
Advertisements
Hi,Download
to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Check the box that says Scan All Users.Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit-&Select All, Edit-&Copy) the contents of these files, one at a time and post them in your topic.
blackfire88
OTL logfile created on: 8/21/:57 PM - Run 1OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Public\Music\sexy music64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.)Locale:
| Country: United States | Language: ENU | Date Format: M/d/yyyy 7.96 Gb Total Physical Memory | 4.37 Gb Available Physical Memory | 54.96% Memory free15.92 Gb Paging File | 11.62 Gb Available in Paging File | 73.01% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 1862.92 Gb Total Space | 1652.03 Gb Free Space | 88.68% Space Free | Partition Type: NTFS Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [ 18:14:51 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Music\sexy music\OTL.exePRC - [ 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exePRC - [ 08:21:12 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exePRC - [ 09:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exePRC - [ 17:35:38 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exePRC - [ 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [ 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exePRC - [ 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exePRC - [ 19:43:20 | 007,797,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exePRC - [ 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exePRC - [ 19:14:11 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exePRC - [ 15:32:56 | 000,428,336 | ---- | M] (Tesline-service) -- C:\Program Files (x86)\KidLogger\Kidlogger.exePRC - [ 22:36:33 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exePRC - [ 04:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exePRC - [ 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\SDKLauncher.exePRC - [ 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\hammer.exePRC - [ 22:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exePRC - [ 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exePRC - [ 22:49:08 | 006,974,464 | ---- | M] (The Audacity Team) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exePRC - [ 13:46:40 | 000,697,640 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exePRC - [ 16:10:48 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exePRC - [ 18:50:10 | 002,011,205 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files (x86)\Software Informer\softinfo.exePRC - [ 13:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exePRC - [ 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\UNS\UNS.exePRC - [ 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\LMS\LMS.exePRC - [ 13:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exePRC - [ 13:32:30 | 012,193,852 | ---- | M] (Macromedia Inc.) -- C:\Program Files (x86)\Macromedia\Fireworks MX\Fireworks.exe
========== Modules (No Company Name) ========== MOD - [ 17:30:52 | 000,155,232 | -H-- | M] () -- C:\Users\ASUS\AppData\Local\Temp\~2C4A.tmpMOD - [ 19:42:42 | 000,154,624 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;garrysmod\garrysmod\bin\game_shader_generic_garrysmod.dllMOD - [ 17:51:23 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vgui2.dllMOD - [ 17:51:23 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\FileSystem_Steam.dllMOD - [ 08:21:59 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dllMOD - [ 08:21:59 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asiMOD - [ 08:21:59 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asiMOD - [ 08:21:51 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dllMOD - [ 08:21:51 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dllMOD - [ 08:21:51 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dllMOD - [ 08:21:51 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dllMOD - [ 17:44:49 | 001,234,272 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vguimatsurface.dllMOD - [ 17:44:49 | 001,017,184 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\MaterialSystem.dllMOD - [ 17:44:49 | 000,243,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx6.dllMOD - [ 17:44:49 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\tier0.dllMOD - [ 17:44:49 | 000,181,600 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx7.dllMOD - [ 17:44:49 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\inputsystem.dllMOD - [ 17:44:48 | 001,500,512 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\shaderapidx9.dllMOD - [ 17:44:48 | 000,931,160 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vphysics.dllMOD - [ 17:44:48 | 000,550,240 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx9.dllMOD - [ 17:44:48 | 000,460,128 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\StudioRender.dllMOD - [ 17:44:48 | 000,431,472 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\FileSystemOpenDialog.dllMOD - [ 17:44:48 | 000,365,920 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dx8.dllMOD - [ 17:44:48 | 000,243,032 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\datacache.dllMOD - [ 17:44:48 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\vstdlib.dllMOD - [ 17:44:48 | 000,169,312 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\stdshader_dbg.dllMOD - [ 04:28:48 | 000,076,288 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b--bfb0-b2}\components\RadioWMPCoreGecko5.dllMOD - [ 09:36:57 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dllMOD - [ 18:39:20 | 011,213,288 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\libcef.dllMOD - [ 17:03:55 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dllMOD - [ 03:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dllMOD - [ 15:32:58 | 000,108,848 | ---- | M] () -- C:\Program Files (x86)\KidLogger\kidlog.dllMOD - [ 14:42:14 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dllMOD - [ 21:02:57 | 000,349,520 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\vgui2.dllMOD - [ 21:02:57 | 000,288,104 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\FileSystem_Steam.dllMOD - [ 21:02:56 | 000,755,040 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\SDKLauncher.exeMOD - [ 21:02:56 | 000,234,832 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\tier0.dllMOD - [ 21:02:56 | 000,177,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\vstdlib.dllMOD - [ 21:02:56 | 000,144,720 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\orangebox\bin\hammer.exeMOD - [ 21:02:56 | 000,116,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\blackfire;sourcesdk\bin\inputsystem.dllMOD - [ 12:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [ 10:44:30 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_net_vc_custom.dllMOD - [ 10:44:26 | 000,472,064 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_html_vc_custom.dllMOD - [ 10:44:10 | 000,678,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_adv_vc_custom.dllMOD - [ 10:43:52 | 002,779,136 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxmsw28u_core_vc_custom.dllMOD - [ 10:42:40 | 001,146,368 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_vc_custom.dllMOD - [ 09:52:26 | 033,735,976 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\Res.dllMOD - [ 08:38:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\sc4_1882.dllMOD - [ 08:38:48 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\gverb_1216.dllMOD - [ 08:38:48 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\Plug-Ins\hard_limiter_1413.dllMOD - [ 09:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dllMOD - [ 09:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dllMOD - [ 09:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dllMOD - [ 13:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dllMOD - [ 13:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dllMOD - [ 04:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLLMOD - [ 22:54:32 | 000,657,920 | ---- | M] () -- C:\Program Files (x86)\File Shredder\fsshell.dllMOD - [ 11:09:42 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\FlashPlayerW.dllMOD - [ 12:14:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\TwainAgent.x32MOD - [ 12:14:06 | 004,558,910 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\gsdll32.dllMOD - [ 12:13:48 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Macromedia\Fireworks MX\Plug-Ins\BMP Import Export.x32
========== Win32 Services (SafeList) ========== SRV:64bit: - [ 22:15:44 | 001,844,736 | ---- | M] (Proxy Labs) [Auto | Running] -- C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)SRV:64bit: - [ 15:51:57 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)SRV:64bit: - [ 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)SRV:64bit: - [ 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [ 11:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)SRV - [ 08:22:00 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [ 17:35:38 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)SRV - [ 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [ 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)SRV - [ 10:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)SRV - [ 19:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)SRV - [ 12:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)SRV - [ 12:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)SRV - [ 11:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)SRV - [ 10:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)SRV - [ 03:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)SRV - [ 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.3;mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [ 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\UNS\UNS.exe -- (UNS) Intel&SRV - [ 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel& Management Engine Components\LMS\LMS.exe -- (LMS) Intel&SRV - [ 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.5;mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:64bit: - [ 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR210.SYS -- (SMR210)DRV:64bit: - [ 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symnets.sys -- (SymNetS)DRV:64bit: - [ 16:16:16 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)DRV:64bit: - [ 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [ 13:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)DRV:64bit: - [ 13:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\srtsp64.sys -- (SRTSP)DRV:64bit: - [ 13:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)DRV:64bit: - [ 12:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symefa64.sys -- (SymEFA)DRV:64bit: - [ 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [ 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [ 16:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\D\symds64.sys -- (SymDS)DRV:64bit: - [ 15:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\D\ironx64.sys -- (SymIRON)DRV:64bit: - [ 12:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)DRV:64bit: - [ 23:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)DRV:64bit: - [ 23:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)DRV:64bit: - [ 23:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [ 21:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)DRV:64bit: - [ 21:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)DRV:64bit: - [ 21:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)DRV:64bit: - [ 21:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [ 14:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)DRV:64bit: - [ 14:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)DRV:64bit: - [ 06:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)DRV:64bit: - [ 03:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)DRV:64bit: - [ 18:40:06 | 000,032,872 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tsvp.sys -- (TsVp)DRV:64bit: - [ 14:14:04 | 000,022,120 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsvlb.sys -- (TsVlb)DRV:64bit: - [ 13:33:07 | 000,021,608 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cv2k1.sys -- (CV2K1)DRV:64bit: - [ 13:48:28 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)DRV:64bit: - [ 13:48:26 | 000,376,304 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)DRV:64bit: - [ 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel&DRV:64bit: - [ 10:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)DRV:64bit: - [ 20:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)DRV:64bit: - [ 13:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)DRV:64bit: - [ 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [ 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [ 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [ 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [ 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [ 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [ 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [ 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [ 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)DRV:64bit: - [ 20:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)DRV - [ 16:10:23 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\VirusDefs\\EX64.SYS -- (NAVEX15)DRV - [ 16:10:23 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\VirusDefs\\ENG64.SYS -- (NAVENG)DRV - [ 01:07:58 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\IPSDefs\\IDSviA64.sys -- (IDSVia64)DRV - [ 16:11:02 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)DRV - [ 16:11:02 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)DRV - [ 10:27:21 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\Definitions\BASHDefs\\BHDrvx64.sys -- (BHDrvx64)DRV - [ 14:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)DRV - [ 15:10:38 | 000,146,928 | ---- | M] (CyberLink Corp.) [ 11:31:44] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B0F-42cc-FBDF4BD})DRV - [ 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 10 AA 90 8C F6 CB 01 [binary data]IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: &ProxyEnable& = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: &ProxyOverride& = *.local ========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)FF - HKLM\Software\MozillaPlugins\@/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.2;npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/WLPG,version=15.4.: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0a-AA10-DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\IPSFFPlgn\ [ 22:01:16 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF}\NIS_18.1.0.37\coFFPlgn__8 [ 16:17:01 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [ 09:36:57 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [ 15:58:41 | 000,000,000 | ---D | M] [ 10:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Extensions[ 16:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions[ 09:51:21 | 000,000,000 | ---D | M] (&Winamp Toolbar&) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{0b3-484d-a11f-5e04a9b0661f}[ 13:02:39 | 000,000,000 | ---D | M] (primarytarget Community Toolbar) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{15ea6b7b--bfb0-b2}[ 16:09:59 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\oko3wcv3.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}[ 20:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[ 16:33:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-24-ABCDEFFEDCBA}[ 20:33:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-26-ABCDEFFEDCBA}[ 09:36:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[ 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll[ 04:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll[ 17:57:14 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[ 01:17:40 | 000,005,529 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchquWebSearch.xml O1 HOSTS File: ([ 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF--95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-FC} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)O2 - BHO: (Searchqu Toolbar) - {f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19--FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Savevid Toolbar\ToolBar\searchqudtx.dll ()O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19--FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)O4:64bit: - HKLM..\Run: [ProxyCap] C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe (Proxy Labs)O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)O4 - HKCU..\Run: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe ()O4 - HKCU..\Run: [fsm] File not foundO4 - HKCU..\Run: [MS Shell Services] C:\Program Files (x86)\KidLogger\Kidlogger.exe (Tesline-service)O4 - HKCU..\Run: [Software Informer] C:\Program Files (x86)\Software Informer\softinfo.exe (Informer Technologies, Inc.)O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)O4 - HKCU..\RunOnce: [*NMRUI] C:\Users\ASUS\Downloads\NPE.exe (Symantec Corporation)O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O10:64bit: - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)O10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10:64bit: - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\ [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)O10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO10 - Protocol_Catalog9\Catalog_Entries\ - File not foundO13 - gopher Prefix: missingO13 - gopher Prefix: missingO16 - DPF: {8AD9C840-044E-11D1-B3E9-}
(Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-26-ABCDEFFEDCBA}
(Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
(Java Plug-in 1.6.0_26)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-}
(Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1O18:64bit: - Protocol\Handler\livecall {-22C1-EF} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\ms-help {-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\msnim {-22C1-EF} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB--10D7BE1653C0} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not foundO20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD)O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)O20 - AppInit_DLLs: (C:\PROGRA~2\WI5C88~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Savevid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35:64bit: - HKLM\..comfile [open] -- &%1& %*O35:64bit: - HKLM\..exefile [open] -- &%1& %*O35 - HKLM\..comfile [open] -- &%1& %*O35 - HKLM\..exefile [open] -- &%1& %*O37:64bit: - HKLM\...com [@ = comfile] -- &%1& %*O37:64bit: - HKLM\...exe [@ = exefile] -- &%1& %*O37 - HKLM\...com [@ = comfile] -- &%1& %*O37 - HKLM\...exe [@ = exefile] -- &%1& %* ========== Files/Folders - Created Within 30 Days ========== [ 15:07:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Voice Files[ 15:06:44 | 000,586,992 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CddbLinkSony.dll[ 15:06:43 | 001,340,656 | ---- | C] (Gracenote, Inc.) -- C:\Windows\SysWow64\CDDBControlSony.dll[ 15:06:43 | 001,029,360 | ---- | C] (Gracenote) -- C:\Windows\SysWow64\CDDBUISony.dll[ 15:06:43 | 000,573,440 | ---- | C] () -- C:\Windows\SysWow64\id3lib.dll[ 15:06:43 | 000,028,672 | ---- | C] ( Sony/AC開発部) -- C:\Windows\SysWow64\spc.dll[ 15:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Digital Voice Editor 3[ 19:19:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2DC-48DA-8FB1-41E}[ 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{96F88E7C-CDF5-44E2-9B54-B6E42D410927}[ 10:58:10 | 000,000,000 | ---D | C] -- C:\cellcity[ 09:24:25 | 000,000,000 | ---D | C] -- C:\cs_forest_dense[ 08:31:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ABC0E34D-DC45--CC8}[ 18:49:19 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS[ 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6D325F9D--BA23-E9C70C3C3D2B}[ 16:26:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5A567BCE-E82E-40B3-8EF5-E12}[ 22:41:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{8B5020BD-3EBB-49BD-810C-DD2A433591DD}[ 22:41:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{2D9E0E1C-E7FE-4190-88AD-D5B7}[ 18:39:14 | 000,000,000 | ---D | C] -- C:\ZombieMod[ 21:51:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5C0E5A23-0FED-E71A2F218A7}[ 21:51:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{964FE5C3-8D33-4455-AA5B-3D38C0060DCA}[ 21:50:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A13FE584--B33E-F47DAA7658B3}[ 11:00:03 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\BuildRPmap[ 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\GameMaker[ 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Maker 8.1[ 17:38:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\blahblahblah[ 10:30:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{83FBA4DF-6F4F--57E6E6F43296}[ 10:30:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AF74C817--9A21-}[ 21:59:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (9)[ 19:52:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D18D-46B0-994E-96D}[ 19:52:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5EBE-44C0-8E75-CE14307DE28B}[ 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B2-42DC-A0D2-CBE}[ 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-01AA-4CDA-AF96-31C27C4ABAE8}[ 16:31:01 | 000,000,000 | ---D | C] -- C:\Windows\en[ 16:19:13 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{17B171B2-B009-484E-9DA4-76B95C7CB75A}[ 16:18:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BDA491D2-A211--F5DE3E3A0E5B}[ 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C3E12A13-43CF-4FF5-AB6B-B}[ 15:49:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C9B60AF4-5B7D-4DB2-91DC-E1C86D659922}[ 15:24:08 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\GayMaker 8.1[ 11:15:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\My Games[ 20:59:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AutoTyperMurGee[ 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Typer by MurGee[ 20:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Typer[ 16:41:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\[bleep]ing rapist[ 20:25:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4D8CECCE-592C-4C2F-8AA9-884C716BA456}[ 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{F5-46FD-B781-42FDD079BA65}[ 20:18:14 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{CEE022E2--B101-9D59BD91EC27}[ 17:42:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-0759-46AC-A7E8-4D}[ 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A-45ED-A551-D9}[ 17:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Proxy Labs[ 08:20:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{E56BF31B-DDF9-4B84-D0BC9DB}[ 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\.thumbnails[ 18:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation[ 18:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation[ 17:57:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{FA9C7C3C-A2AD-4F73-B1B6-53DE}[ 17:57:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{13EDAC6F-B954-41B0-9A58-A063A6B2CDC3}[ 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{765BD257-691F-4F87-AEE0-DDCFF1212FC8}[ 22:08:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22F14B11-DE94-49A6-A9F6-AF8F376522CA}[ 20:42:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{04B7C995-D8E5-4E4E-B06C-2B418DB43702}[ 20:42:31 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{12CAC87A-2DE9-44EB-A7D6-1A22CD6AC28A}[ 20:30:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{4BD-5CB23B808A}[ 20:30:12 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{B8F8BA56-9887-4AAD-A261-0FB8B20703B2}[ 20:29:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{A8DD7AD7-12ED-4A68-99F4-9CD96B40E79B}[ 19:40:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C349C6DE-ED2C-42AE-8B53-FE3C5EA778FB}[ 19:39:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{D4F-444E-A81001E}[ 18:54:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{-B184-4A63-9F75-40C943CFD38A}[ 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{92F955AD-4842-4BDC-A13E-B65A}[ 18:03:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{32F864BE-DC6B-4B2F-BC86-CE}[ 17:50:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22BFB1CE-0D26-4502-BCDD-2E}[ 16:43:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{596BBB5F-F004-4CA4-A529-4AF568A8E7A8}[ 16:43:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{0DFC-42E2-A9D8-EBEE}[ 08:22:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{6-4368-BFBA-4BCC880DE851}[ 08:22:05 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{95FA46DB-CBC3-47CF-9DBC-C49C}[ 19:16:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{EFE-427F-DFC76A65}[ 19:15:32 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{ADE3CA25-FBC4-0DD4AFEDB7}[ 11:37:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BD9186FF-B612-45D6-B6DA-79D0D788EE6D}[ 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{BB5D43BF-95F8-4D7E-BA87-A0E7}[ 11:26:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{371C7D32-0ED4-4EB5-AAAE-CC2C2AC8E9DD}[ 17:01:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9[ 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\styles[ 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\language[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\includes[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\download[ 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\adm[ 16:00:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9[ 21:42:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Maps[ 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{934DF828-916B-45F9-BA50-FA38E2B217EC}[ 19:53:54 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{200DE421--8138-4DAE789FCC10}[ 16:01:17 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{5D8F06F0-E-AF77-B1CC}[ 22:17:16 | 000,413,696 | ---- | C] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll[ 22:17:12 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll[ 22:15:40 | 000,526,336 | ---- | C] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll[ 22:15:36 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysNative\sbcrreag.dll[ 14:27:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\New folder (8)[ 14:13:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{72-4C48-B905-4D}[ 21:15:26 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\usb[ 15:26:58 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{35C5BE5B-30E3--DDCF}[ 14:41:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{DA-4C4B-B873-4D98DD388D08}[ 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC[ 16:08:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{24702B6C-A328-4D1F-BFC1-F73AF21D3C07}[ 16:06:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{1A35724D-C2BF-490C-92BE-EDD}[ 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Vitalwerks[ 16:05:22 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC[ 16:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP[ 12:58:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VTF Shell Extensions[ 12:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\VTF Shell Extensions[ 16:17:35 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C5BC185A-173E-46D4-AE90605ED}[ 18:02:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AD0DC9D8-D5F5-4FDA-B2B8-}[ 21:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyFrom Trial[ 21:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyFrom Trial[ 21:02:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{276C5D26-D1DD-437D-A0FF-611BB5DA7F25}[ 19:49:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{22B4FB07-87CA-44F4-B803-2B}[ 07:48:39 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{C4CC1D48-033B-44A2-B045-157E97905EAC}[ 15:41:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{F60FA566-7F9C-45DC-802A-8950C6EAC7AD}[2 C:\Windows\*.tmp files -& C:\Windows\*.tmp -& ][2 C:\*.tmp files -& C:\*.tmp -& ] ========== Files - Modified Within 30 Days ========== [ 18:14:40 | 000,000,063 | ---- | M] () -- C:\Users\ASUS\Desktop\T.URL[ 15:57:33 | 001,767,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[ 15:57:33 | 000,504,154 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[ 15:57:33 | 000,006,608 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[ 15:06:26 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk[ 08:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[ 21:16:03 | 000,017,529 | ---- | M] () -- C:\Users\ASUS\Documents_843.dmp.png[ 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B.C9-439d-D005A0[ 08:58:37 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B.C9-439d-D005A0[ 19:01:37 | 000,011,500 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR210.dat[ 18:49:19 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS[ 16:16:44 |
| -HS- | M] () -- C:\hiberfil.sys[ 15:23:29 | 000,007,612 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg[ 03:34:19 | 000,321,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[ 03:09:09 | 000,006,590 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[ 18:11:58 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk[ 10:51:42 | 000,001,418 | ---- | M] () -- C:\Users\ASUS\Desktop\th_overlay.png[ 10:27:08 | 000,177,915 | ---- | M] () -- C:\Users\ASUS\Desktop\bedandpillow.zip[ 09:51:04 | 000,064,682 | ---- | M] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip[ 09:40:12 | 000,039,004 | ---- | M] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip[ 17:00:51 | 000,594,999 | ---- | M] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz[ 16:05:20 | 000,068,469 | ---- | M] () -- C:\Users\ASUS\Desktop\viewtopic.php[ 16:05:20 | 000,000,625 | ---- | M] () -- C:\Users\ASUS\Desktop\web.config[ 16:05:18 | 000,060,187 | ---- | M] () -- C:\Users\ASUS\Desktop\posting.php[ 16:05:18 | 000,044,344 | ---- | M] () -- C:\Users\ASUS\Desktop\search.php[ 16:05:18 | 000,028,774 | ---- | M] () -- C:\Users\ASUS\Desktop\viewforum.php[ 16:05:18 | 000,009,649 | ---- | M] () -- C:\Users\ASUS\Desktop\ucp.php[ 16:05:18 | 000,008,093 | ---- | M] () -- C:\Users\ASUS\Desktop\style.php[ 16:05:16 | 000,062,900 | ---- | M] () -- C:\Users\ASUS\Desktop\memberlist.php[ 16:05:14 | 000,039,606 | ---- | M] () -- C:\Users\ASUS\Desktop\feed.php[ 16:05:14 | 000,004,515 | ---- | M] () -- C:\Users\ASUS\Desktop\cron.php[ 16:05:14 | 000,003,836 | ---- | M] () -- C:\Users\ASUS\Desktop\common.php[ 15:59:49 | 001,564,431 | ---- | M] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip[ 22:17:16 | 000,413,696 | ---- | M] (Proxy Labs) -- C:\Windows\SysWow64\pcapwsp.dll[ 22:17:12 | 000,315,392 | ---- | M] ( ) -- C:\Windows\SysWow64\sbcrreag.dll[ 22:15:40 | 000,526,336 | ---- | M] (Proxy Labs) -- C:\Windows\SysNative\pcapwsp.dll[ 22:15:36 | 000,356,352 | ---- | M] ( ) -- C:\Windows\SysNative\sbcrreag.dll[ 21:35:03 | 000,002,465 | ---- | M] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk[2 C:\Windows\*.tmp files -& C:\Windows\*.tmp -& ][2 C:\*.tmp files -& C:\*.tmp -& ] ========== Files Created - No Company Name ========== [ 18:14:40 | 000,000,063 | ---- | C] () -- C:\Users\ASUS\Desktop\T.URL[ 15:06:43 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\mp3dec.dll[ 15:06:43 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dsp_trc.dll[ 15:06:43 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll[ 15:06:26 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Digital Voice Editor 3.lnk[ 21:16:03 | 000,017,529 | ---- | C] () -- C:\Users\ASUS\Documents_843.dmp.png[ 18:49:20 | 000,011,500 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR210.dat[ 17:35:48 | 000,002,601 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProxyCap.lnk[ 18:11:56 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk[ 10:51:41 | 000,001,418 | ---- | C] () -- C:\Users\ASUS\Desktop\th_overlay.png[ 10:27:06 | 000,177,915 | ---- | C] () -- C:\Users\ASUS\Desktop\bedandpillow.zip[ 09:51:01 | 000,064,682 | ---- | C] () -- C:\Users\ASUS\Desktop\NV_simplemath_captcha_1_0_1.zip[ 09:40:10 | 000,039,004 | ---- | C] () -- C:\Users\ASUS\Desktop\one_click_ban-1.0.4.zip[ 17:01:17 | 000,068,469 | ---- | C] () -- C:\Users\ASUS\Desktop\viewtopic.php[ 17:01:17 | 000,062,900 | ---- | C] () -- C:\Users\ASUS\Desktop\memberlist.php[ 17:01:17 | 000,060,187 | ---- | C] () -- C:\Users\ASUS\Desktop\posting.php[ 17:01:17 | 000,044,344 | ---- | C] () -- C:\Users\ASUS\Desktop\search.php[ 17:01:17 | 000,028,774 | ---- | C] () -- C:\Users\ASUS\Desktop\viewforum.php[ 17:01:17 | 000,009,649 | ---- | C] () -- C:\Users\ASUS\Desktop\ucp.php[ 17:01:17 | 000,008,093 | ---- | C] () -- C:\Users\ASUS\Desktop\style.php[ 17:01:17 | 000,000,625 | ---- | C] () -- C:\Users\ASUS\Desktop\web.config[ 17:01:16 | 000,039,606 | ---- | C] () -- C:\Users\ASUS\Desktop\feed.php[ 17:01:16 | 000,004,515 | ---- | C] () -- C:\Users\ASUS\Desktop\cron.php[ 17:01:16 | 000,003,836 | ---- | C] () -- C:\Users\ASUS\Desktop\common.php[ 16:58:12 | 000,594,999 | ---- | C] () -- C:\Users\ASUS\Desktop\update_3.0.8_to_3.0.9.tar.gz[ 15:59:42 | 001,564,431 | ---- | C] () -- C:\Users\ASUS\Desktop\phpBB-3.0.8_to_3.0.9.zip[ 21:35:03 | 000,002,465 | ---- | C] () -- C:\Users\Public\Desktop\ESF Database Migration Toolkit - Standard.lnk[ 18:43:48 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini[ 13:36:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\hash.dat[ 18:51:08 | 000,007,612 | ---- | C] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg[ 21:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll[ 16:52:34 | 000,006,590 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[ 16:43:24 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe[ 16:43:19 | 000,075,136 | }
我要回帖
更多关于 typer 的文章
更多推荐
- ·会员制电商爱用商品有必要开通吗城怎么样啊?有人用过吗 听说最近也在搞直播?
- ·醉江山3D(传世元神版官网)在哪个平台最好玩?
- ·醉江山3d哪个软件比较好平台玩家多?
- ·刘谦魔术10个简单的扑克牌魔术揭秘!如何完成的?
- ·来自星尘传说重置版开服了吗知乎5月更新,已经通关的玩家有再玩一次的必要吗?
- ·无生育保险生二胎能享受什么政策
- ·东方通的毛利率和净利率是多少为正常率
- ·如何通过主图优化提高阿里国际站产品点击率
- ·在牟平开个张包包生意会好么
- ·微信支付到底做对了什么,使得近两年的份额大涨
- ·淄博哪有卖工业除湿机的厂家
- ·首山夜市什么时候能摆
- ·求帮助加盟南方养生乳赚钱吗?盈利大吗?
- ·想知道云交易投资交易笔记 百度云现状怎么样?
- ·我被合同一方欧打,现起诉要求解除合同同要赔偿对方吗
- ·有哪家乐园用过芸苔餐厅收银系统哪家好,效果怎样?好用吗?
- ·.集团阿里云域名申请请有什么条件吗?
- ·我手机魅族max6为啥下载flash没用
- ·马上要去日本需要准备什么,准备办个联通的26一天的流量包,有人用过么,怎么样,网速怎么样 可以开热点么
- ·Vegas12 e420不支持win8系统统吗
- ·autoaim by sae typer by murgee软件怎么用
- ·为什么App下载的文件下载后打不开打不开
- ·qq给任务刷单被骗该怎么办
- ·如何实现对hidejs show hide的交替实现
- ·如何借助 wifi窃取信息个人信息
- ·刚订了一台电脑,请大神请帮我看看小马宝莉怎么样?
- ·我也想要百度会员激活码领取员
- ·thinkpad e t 区别t570和thinkpad e t 区别t570有什么区别
- ·新版qq空间红包包提示仙人抚我顶
- ·花间提壶方大厨2在线看百度云
- ·如何利用PowerDesigner中设计高中生物概念模型型
- ·灯线是不是从电箱出来中国第一条彩电生产线线控制所以灯
- ·谁有C++程序的性能分析工具推荐吗,比如像VS
- ·50 求可以用的迅雷会员账号号用半天
- ·C#如何实现获取怎么看电脑硬件配置置信息
