Selvaria

Members
  • Content count

    11

About Selvaria

  • Rank
    New Member
  1. Hello, it finished and the startup is the same, but I believe running games got a bit faster. I have yet to find any other issues.
  2. Hello, just letting you know that the defragmenter is currently listing the remaining time as >1 day. So I'm not abandoning the thread, it'll just take really long XD
  3. Hi, I finished the scan along with your other steps. Here is the URL (I hope): http://www.pcpitstop.com/betapit/sec.asp?conid=25000428&report=Summary
  4. The PCPitstop site is currently down for maintenance, but I'll run it as soon as it's up.
  5. Hey again, PC -seems- fine, though a little slower on startup (I did install ~3 new games over the weekend). Other than that, no issues that I can tell. Just following up on your double check suggestion!

     Here is the ESET:

     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner64.ocx - registred OK
     OnlineScanner.ocx - registred OK
     # version=7
     # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=09867f484d36a14bb05e7a9ac0fa4f51
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2012-07-23 08:31:19
     # local_time=2012-07-23 04:31:19 (-0500, Eastern Daylight Time)
     # country="United States"
     # lang=1033
     # osver=6.1.7601 NT Service Pack 1
     # compatibility_mode=1024 16777215 100 0 0 0 0 0
     # compatibility_mode=5893 16776573 100 94 0 94609991 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=650872
     # found=0
     # cleaned=0
     # scan_time=8938

     Here is your program:

     Results of screen317's Security Check version 0.99.43
     Windows 7 Service Pack 1 x64 (UAC is disabled!)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.62.0.1300
     Java 6 Update 31
     Visual Studio Extensions for Windows Library for JavaScript
     Java version out of Date!
     Adobe Reader X (10.1.3)
     Mozilla Firefox (14.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 4%
     ````````````````````End of Log``````````````````````
  6. That didn't take long at all Here are the combofix, DDS, and DDS attach in order:
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-1-30 103992] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-1-30 123960] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-12-14 25832] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service;C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-2-9 137728] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 t_mouse.sys;iBall Advanced Mouse;C:\Windows\system32\DRIVERS\t_mouse.sys --> C:\Windows\system32\DRIVERS\t_mouse.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 V0230Vfx;V0230Vfx;C:\Windows\system32\DRIVERS\V0230Vfx.sys --> C:\Windows\system32\DRIVERS\V0230Vfx.sys [?] S3 V0230VID;Live! Cam Video IM Pro;C:\Windows\system32\DRIVERS\V0230VID.sys --> C:\Windows\system32\DRIVERS\V0230VID.sys [?] S3 VSPerfDrv110;Performance Tools Driver 11.0;C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2011-12-12 67920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2012-2-16 670816] . =============== Created Last 30 ================ . 2012-07-20 19:57:20 -------- d-----w- C:\$RECYCLE.BIN 2012-07-20 19:44:13 98816 ----a-w- C:\Windows\sed.exe 2012-07-20 19:44:13 518144 ----a-w- C:\Windows\SWREG.exe 2012-07-20 19:44:13 256000 ----a-w- C:\Windows\PEV.exe 2012-07-20 19:44:13 208896 ----a-w- C:\Windows\MBR.exe 2012-07-20 19:44:10 -------- d-----w- C:\ComboFix 2012-07-20 13:29:15 -------- d-----w- C:\Program Files\CCleaner 2012-07-20 13:14:44 -------- d-----w- C:\Users\Tony\AppData\Local\{116E7E9E-037F-4DC6-8FD6-731952AAC6A3} 2012-07-20 13:14:19 -------- d-----w- C:\Users\Tony\AppData\Local\{3B3EC911-BC98-4C87-8DF3-0E787E3B67E8} 2012-07-20 10:12:38 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6964CD5C-4F56-4F7E-AAA1-7AA7147B0BCD}\mpengine.dll 2012-07-20 01:26:38 -------- d-----w- C:\ProgramData\IBUpdaterService 2012-07-20 01:26:36 -------- d-----w- C:\Users\Tony\AppData\Roaming\PerformerSoft 2012-07-20 01:26:35 19000 ----a-w- C:\Windows\System32\roboot64.exe 2012-07-20 01:26:28 -------- d-----w- C:\Users\Tony\AppData\Local\Conduit 2012-07-20 01:25:25 33856 ---ha-w- C:\Windows\System32\hamachi.sys 2012-07-20 00:21:54 -------- d-----w- 
C:\Users\Tony\AppData\Local\{9D9F8AD3-D537-4745-8B87-6CF09CF0306D} 2012-07-20 00:21:32 -------- d-----w- C:\Users\Tony\AppData\Local\{34F7AF3C-3653-42FC-A6C8-E76C25E009AA} 2012-07-19 23:40:23 -------- d-----w- C:\Users\Tony\AppData\Roaming\DarkBlood ServiceNa 2012-07-19 23:13:44 -------- d-----w- C:\Users\Tony\AppData\Roaming\The Longest Journey 2012-07-19 12:21:04 -------- d-----w- C:\Users\Tony\AppData\Local\{89498EA6-27AC-47CE-85C2-03AFD58939DF} 2012-07-19 12:20:50 -------- d-----w- C:\Users\Tony\AppData\Local\{C7B70C2A-508C-45F9-922A-1CF12CD9ADEF} 2012-07-18 23:45:55 -------- d-----w- C:\Users\Tony\AppData\Local\{980BB19C-0834-4455-B9A0-4812CD1928FC} 2012-07-18 23:45:33 -------- d-----w- C:\Users\Tony\AppData\Local\{64A0AB89-3148-4CBC-95EC-46846AC138FE} 2012-07-18 11:45:04 -------- d-----w- C:\Users\Tony\AppData\Local\{1503B39A-21F3-4E48-BAFA-4FE75FE1DDD2} 2012-07-18 11:44:50 -------- d-----w- C:\Users\Tony\AppData\Local\{BF9D981D-10AA-45A1-9000-95E401A1C3BF} 2012-07-17 23:34:58 -------- d-----w- C:\Users\Tony\AppData\Local\{CE2A3ABC-0F19-4899-B82F-D39304FDFC93} 2012-07-17 23:34:37 -------- d-----w- C:\Users\Tony\AppData\Local\{218E794A-9DEF-4D65-9444-749BA48CA2FC} 2012-07-17 11:34:10 -------- d-----w- C:\Users\Tony\AppData\Local\{405DA706-EAD5-46F1-AE5B-E0BD940DCA96} 2012-07-17 11:33:49 -------- d-----w- C:\Users\Tony\AppData\Local\{F737BB5B-66CF-4D41-BB36-1732158D6C5F} 2012-07-16 23:33:20 -------- d-----w- C:\Users\Tony\AppData\Local\{7EB75211-5E7C-4844-B87B-1A1ECC481CD1} 2012-07-16 23:33:06 -------- d-----w- C:\Users\Tony\AppData\Local\{3C8E0274-D489-4488-B052-D22637B1D9DA} 2012-07-16 11:06:07 -------- d-----w- C:\Users\Tony\AppData\Local\{6814C45F-BB7F-4129-95AD-85911DA34402} 2012-07-16 11:05:45 -------- d-----w- C:\Users\Tony\AppData\Local\{B318BA21-70A8-4A78-8671-FC717CDF243E} 2012-07-15 23:05:19 -------- d-----w- C:\Users\Tony\AppData\Local\{B48A91A0-B5BC-49BD-A506-DCCB9937C136} 2012-07-15 23:04:57 -------- d-----w- 
C:\Users\Tony\AppData\Local\{8DF2A8F3-4510-452E-8F87-D189888ECE12} 2012-07-15 11:04:30 -------- d-----w- C:\Users\Tony\AppData\Local\{3FD57636-688C-4BE1-B071-95E129A04A8A} 2012-07-15 11:04:09 -------- d-----w- C:\Users\Tony\AppData\Local\{6A9B86F4-8642-4A14-8420-2D899FCFF388} 2012-07-14 23:03:44 -------- d-----w- C:\Users\Tony\AppData\Local\{A2453E45-4E57-4288-980A-5CE7BD6AEA16} 2012-07-14 23:03:30 -------- d-----w- C:\Users\Tony\AppData\Local\{D44ED022-9115-41AF-8ED7-47FA0D092B81} 2012-07-14 10:28:41 -------- d-----w- C:\Users\Tony\AppData\Local\{DCAA5869-E4C0-4622-A50E-0A75B293DC64} 2012-07-14 10:28:27 -------- d-----w- C:\Users\Tony\AppData\Local\{FD76842D-4787-4F5A-8F65-A6910873ECDA} 2012-07-13 18:16:01 -------- d-----w- C:\Users\Tony\AppData\Local\{12BED4AC-DC1C-47CC-B6DC-7EC43498485A} 2012-07-13 18:15:40 -------- d-----w- C:\Users\Tony\AppData\Local\{24EBE26B-C9FF-470C-ADBB-D0C9897800B1} 2012-07-13 06:15:12 -------- d-----w- C:\Users\Tony\AppData\Local\{50E6BF8C-4193-453C-9C34-270F97D04CEE} 2012-07-13 06:15:01 -------- d-----w- C:\Users\Tony\AppData\Local\{DF55CCBE-8A89-4B36-B1B0-DA28BA9BE515} 2012-07-13 05:35:32 -------- d-----w- C:\Users\Tony\AppData\Local\The Witcher 2 2012-07-12 18:14:47 -------- d-----w- C:\Users\Tony\AppData\Local\{7EA7B2C8-D9E2-4DC6-8933-BEB929A6AE92} 2012-07-12 18:14:35 -------- d-----w- C:\Users\Tony\AppData\Local\{BD05DAA8-BD04-4568-8839-112D4813A603} 2012-07-12 05:07:03 -------- d-----w- C:\Users\Tony\AppData\Local\{EE32AD8F-8326-4884-BBA6-4028274D1524} 2012-07-12 05:06:50 -------- d-----w- C:\Users\Tony\AppData\Local\{9BC0FB43-7A8E-4834-9A97-579EE30ED92E} 2012-07-11 09:00:19 -------- d-----w- C:\Users\Tony\AppData\Local\{228D6466-BD90-4768-A444-296EB51C9B10} 2012-07-11 08:59:57 -------- d-----w- C:\Users\Tony\AppData\Local\{9F6DF3F8-9428-46BE-824E-E1400B84BFDE} 2012-07-11 07:03:48 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 07:01:01 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 07:01:01 2382848 ----a-w- 
C:\Windows\System32\mshtml.tlb 2012-07-11 07:01:00 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2012-07-11 07:01:00 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2012-07-11 07:01:00 174200 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2012-07-11 07:01:00 140920 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2012-07-11 05:02:48 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-10 20:59:29 -------- d-----w- C:\Users\Tony\AppData\Local\{DF84BA96-3FF1-4A9D-A9CF-AEA3D4C18D11} 2012-07-10 20:59:14 -------- d-----w- C:\Users\Tony\AppData\Local\{05F0DCFA-74AE-437C-A88D-65552354EC66} 2012-07-10 06:20:08 -------- d-----w- C:\Users\Tony\AppData\Local\{E4ED4F13-6D06-453A-8F7A-5D5AD21BAB3F} 2012-07-10 06:19:54 -------- d-----w- C:\Users\Tony\AppData\Local\{36E92CC4-DE22-4BEB-8435-BFAAD7E9B29E} 2012-07-09 03:16:08 -------- d-----w- C:\Users\Tony\AppData\Local\{897E9C4D-BEEC-449A-836D-DE50B95C40A1} 2012-07-09 03:15:54 -------- d-----w- C:\Users\Tony\AppData\Local\{D1FB75ED-EDF7-412E-9A35-7BC41CBE5AFD} 2012-07-08 02:47:45 -------- d-----w- C:\Users\Tony\AppData\Local\{13C2E156-E5A7-44F8-AA91-3E771D707C29} 2012-07-08 02:47:30 -------- d-----w- C:\Users\Tony\AppData\Local\{44A302C9-22E9-4626-8D31-AB1B2F49F3B7} 2012-07-07 06:27:17 -------- d-----w- C:\Users\Tony\AppData\Local\{3649EE66-CC41-4499-8FA4-29086DEC95B3} 2012-07-07 06:27:04 -------- d-----w- C:\Users\Tony\AppData\Local\{4047E082-FDF7-44DB-9981-B76458BE46CA} 2012-07-06 14:17:39 -------- d-----w- C:\Users\Tony\AppData\Local\{A8ED024C-57A9-40F3-A2B3-C2A09E5AF7CD} 2012-07-06 14:17:25 -------- d-----w- C:\Users\Tony\AppData\Local\{C06DE5BC-92C2-487E-871A-8B5EB3610523} 2012-07-06 00:13:16 -------- d-----w- C:\Users\Tony\AppData\Local\{8B566AAF-B066-4D34-95DD-AF223C7AED3B} 2012-07-06 00:12:54 -------- d-----w- C:\Users\Tony\AppData\Local\{EE9111EC-182C-4B1F-9FCF-F4AC63022E2F} 2012-07-05 12:12:27 -------- d-----w- 
C:\Users\Tony\AppData\Local\{E47C12B4-DC8D-4EBA-AE9D-EBD48BB8B763} 2012-07-05 12:12:15 -------- d-----w- C:\Users\Tony\AppData\Local\{334CFD69-DE6D-4F18-A36B-CB1167FD1134} 2012-07-05 00:03:08 -------- d-----w- C:\Users\Tony\AppData\Local\{44558F05-7575-494E-AEE1-3E00E85DFB45} 2012-07-05 00:02:56 -------- d-----w- C:\Users\Tony\AppData\Local\{0CE083C2-4C79-46B6-8BCE-892F09E911A1} 2012-07-04 11:26:38 -------- d-----w- C:\Users\Tony\AppData\Local\{12940342-24EC-49A1-8E6E-2252A2BDED81} 2012-07-04 11:26:27 -------- d-----w- C:\Users\Tony\AppData\Local\{1829BF3F-DF49-4C8C-8D3B-1B3E6E3FF229} 2012-07-03 23:26:13 -------- d-----w- C:\Users\Tony\AppData\Local\{391607C5-7B15-4BAE-9E0F-B7E49619FC36} 2012-07-03 23:26:02 -------- d-----w- C:\Users\Tony\AppData\Local\{41A71E11-8AD4-469F-8FE7-E05860E569BE} 2012-07-03 00:12:28 -------- d-----w- C:\Users\Tony\AppData\Local\{1089A5E7-506A-4C4B-A489-AAC122F3B8FC} 2012-07-03 00:12:06 -------- d-----w- C:\Users\Tony\AppData\Local\{580E2F9A-DB41-4D89-B7FF-280F6FD81713} 2012-07-02 12:11:39 -------- d-----w- C:\Users\Tony\AppData\Local\{0CFBAB93-CA6B-42E5-A16C-A09EB12780EE} 2012-07-02 12:11:28 -------- d-----w- C:\Users\Tony\AppData\Local\{EB9BBA69-50C3-47F6-AB68-813214A0C657} 2012-07-01 23:35:20 -------- d-----w- C:\Users\Tony\AppData\Local\{2C62C2B4-F487-4BF4-A060-10873FBE3D86} 2012-07-01 23:35:09 -------- d-----w- C:\Users\Tony\AppData\Local\{B5C992D2-61C9-4C04-B427-AB6D61A4FEB1} 2012-07-01 10:23:22 -------- d-----w- C:\Users\Tony\AppData\Local\{4241E990-1E52-4D38-A8B4-653DCA34AAFE} 2012-07-01 10:23:11 -------- d-----w- C:\Users\Tony\AppData\Local\{7E6712E8-E79C-4EA4-AAD1-B2B38E543673} 2012-06-30 22:22:57 -------- d-----w- C:\Users\Tony\AppData\Local\{692675A0-4AC7-482E-A3CC-FBD76AB7ADC1} 2012-06-30 22:22:35 -------- d-----w- C:\Users\Tony\AppData\Local\{7B480F52-4F9D-45FB-80D1-21E3F3CD89E8} 2012-06-30 10:22:08 -------- d-----w- C:\Users\Tony\AppData\Local\{6FD12361-2475-4161-A377-52FCBDAEAA40} 2012-06-30 10:21:47 -------- d-----w- 
C:\Users\Tony\AppData\Local\{AB2DF52B-0532-497E-8321-A3CCB426FADB} 2012-06-29 22:21:08 -------- d-----w- C:\Users\Tony\AppData\Local\{CC516D86-18BD-440E-B8E9-BAF64365AF08} 2012-06-29 22:20:57 -------- d-----w- C:\Users\Tony\AppData\Local\{AF9E203A-7661-4D11-9C5F-4939C00D84FF} 2012-06-29 10:10:38 -------- d-----w- C:\Users\Tony\AppData\Local\{4EFF5F8A-691A-4E3F-BF46-F6BAAED850EE} 2012-06-29 10:10:16 -------- d-----w- C:\Users\Tony\AppData\Local\{0A45F6E2-A985-43C6-B76C-25FCF89ADFFE} 2012-06-28 22:09:49 -------- d-----w- C:\Users\Tony\AppData\Local\{2CD42968-21E1-486D-AF46-77C5A7A63DA4} 2012-06-28 22:09:28 -------- d-----w- C:\Users\Tony\AppData\Local\{27D2CD79-8F68-49AA-873D-E4F18D8155FB} 2012-06-28 10:08:57 -------- d-----w- C:\Users\Tony\AppData\Local\{389ACBAC-F534-472B-BDE2-B6C6F7BCBA9B} 2012-06-28 10:08:45 -------- d-----w- C:\Users\Tony\AppData\Local\{5D9A934A-E6B5-4524-84B8-21DD1D54AF7B} 2012-06-28 08:20:13 -------- d-----w- C:\Riot Games 2012-06-27 22:08:31 -------- d-----w- C:\Users\Tony\AppData\Local\{B9EE826B-1889-463F-BE16-22B8BED75569} 2012-06-27 22:08:20 -------- d-----w- C:\Users\Tony\AppData\Local\{38D22F36-3B25-48E3-8827-65AE1E4B4D4F} 2012-06-27 09:32:42 -------- d-----w- C:\Users\Tony\AppData\Local\{01ABFF10-98FE-4714-ADE4-284F1EA7D393} 2012-06-27 09:32:31 -------- d-----w- C:\Users\Tony\AppData\Local\{9483900A-5FBA-49B7-A87C-2DC5D0BD9C45} 2012-06-26 21:32:06 -------- d-----w- C:\Users\Tony\AppData\Local\{E21F0852-B0BA-4FAE-A9FD-B1A78FB5C7A6} 2012-06-26 21:31:55 -------- d-----w- C:\Users\Tony\AppData\Local\{C9186796-BEE9-4FF8-8FBE-BC83FC382ED7} 2012-06-26 01:45:21 -------- d-----w- C:\Program Files (x86)\Overwolf 2012-06-26 01:44:07 -------- d-----w- C:\Users\Tony\AppData\Local\Overwolf 2012-06-26 00:57:40 -------- d-----w- C:\Crash 2012-06-25 23:38:35 -------- d-----w- C:\Users\Tony\AppData\Local\{3BEDC289-1D71-4712-AEF6-BA732F42A078} 2012-06-25 23:38:24 -------- d-----w- C:\Users\Tony\AppData\Local\{DA0A1890-BE56-4D9D-83AE-F72322F85339} 
2012-06-25 10:04:40 -------- d-----w- C:\Users\Tony\AppData\Local\{E0D7777D-672C-47C0-B172-825E9859ED85} 2012-06-25 10:04:29 -------- d-----w- C:\Users\Tony\AppData\Local\{95258123-82BE-4B29-8A23-D53787D68605} 2012-06-24 22:04:14 -------- d-----w- C:\Users\Tony\AppData\Local\{9FEF8B95-941A-4E3B-A9EA-D1EED14AEB24} 2012-06-24 22:03:52 -------- d-----w- C:\Users\Tony\AppData\Local\{E418C0AE-9F42-49C0-8769-AE3159019060} 2012-06-24 10:03:26 -------- d-----w- C:\Users\Tony\AppData\Local\{A15CDE81-EC01-432D-B17C-2C7A0415494A} 2012-06-24 10:03:04 -------- d-----w- C:\Users\Tony\AppData\Local\{50D32FEF-FB35-4BBA-B1C5-0A0EDDC12BB6} 2012-06-23 22:02:37 -------- d-----w- C:\Users\Tony\AppData\Local\{9D40A00F-726F-4EFB-AC4F-3EC123FC6DC5} 2012-06-23 22:02:26 -------- d-----w- C:\Users\Tony\AppData\Local\{654138BB-A460-4F2F-84DF-27342B85E1EA} 2012-06-23 08:41:37 -------- d-----w- C:\Users\Tony\AppData\Local\{BB73F0FF-1C5B-4468-89C0-66D7821A31F4} 2012-06-23 08:41:21 -------- d-----w- C:\Users\Tony\AppData\Local\{F3F7CA6C-9272-4F83-AB1C-BEF8BDD18B28} 2012-06-22 19:42:49 -------- d-----w- C:\Users\Tony\AppData\Local\{4668AF11-7CFE-4CEF-8BF2-50325A0030CD} 2012-06-22 19:42:38 -------- d-----w- C:\Users\Tony\AppData\Local\{B9010A6E-C94F-45F0-AA9C-3DFCF38D4CB1} 2012-06-22 07:08:12 -------- d-----w- C:\Users\Tony\AppData\Local\{51998428-77DF-4D21-96CB-BBA9DC3315A9} 2012-06-22 07:07:50 -------- d-----w- C:\Users\Tony\AppData\Local\{99C99B1F-B3A9-41B6-986F-5ECFFB4CE4EB} 2012-06-21 20:16:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 20:16:20 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 20:16:07 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 20:16:07 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 19:07:23 -------- d-----w- C:\Users\Tony\AppData\Local\{1CAEC517-8DE6-4980-A0DE-FA5A1577B114} 2012-06-21 19:07:01 -------- d-----w- C:\Users\Tony\AppData\Local\{17F774D2-DB41-4CE2-A8CC-FE8DDED54D37} 2012-06-21 07:06:34 -------- d-----w- 
C:\Users\Tony\AppData\Local\{16B36269-10D0-4226-B6BC-E9B722BA3FEF} 2012-06-21 07:06:13 -------- d-----w- C:\Users\Tony\AppData\Local\{90010EB7-51AE-42FA-97A2-5A3504944AAF} . ==================== Find3M ==================== . 2012-07-18 17:16:57 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-18 17:16:57 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr 2012-06-20 15:28:03 4145600 ----a-w- C:\Windows\SysWow64\GameMon.des 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 
05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll 2012-05-15 06:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-30 18:54:27 670816 ----a-w- C:\Windows\SysWow64\xsherlock.xem 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll . ============= FINISH: 16:03:40.24 =============== . 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/2/2011 4:04:38 PM System Uptime: 7/20/2012 3:56:36 PM (1 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | M68MT-S2 Processor: AMD Phenom™ II X6 1100T Processor | Socket M2 | 3300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 549.274 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP182: 7/17/2012 5:41:15 AM - Windows Update RP183: 7/19/2012 7:34:09 PM - Installed DarkBloodOnline RP184: 7/19/2012 9:24:21 PM - Installed LogMeIn Hamachi RP185: 7/19/2012 9:33:13 PM - Removed LogMeIn Hamachi RP186: 7/19/2012 9:35:45 PM - Removed DarkBloodOnline RP187: 7/20/2012 6:12:11 AM - Windows Update . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Aion Akamai NetSession Interface Alien Swarm Amnesia - The Dark Descent Amnesia: The Dark Descent Apple Application Support avast! 
Free Antivirus Baldur's Gate Baldur's Gate Tutu Baldur's Gate™ II - Throne of Bhaal ™ Bandisoft MPEG-1 Decoder Bastion Batman: Arkham Asylum GOTY Edition Bing Bar BioShock BioShock 2 Borderlands Braid Braid (Version 1.015) Breath of Death VII Cthulhu Saves the World D3DX10 Deus Ex: Human Revolution Dotfuscator and Analytics Community Edition Dragon Age Redesigned© Dragon Age: Origins Dungeon Defenders E.Y.E: Divine Cybermancy EA Installer EA Shared Game Component: Activation Fable - The Lost Chapters Fallout Fallout 2 Fallout 3 - Game of the Year Edition Fallout 3 - The Garden of Eden Creation Kit Fallout 3 - Unofficial Fallout 3 Patch Fallout Mod Manager 0.13.21 FINAL FANTASY XI FINAL FANTASY XI: Chains of Promathia FINAL FANTASY XI: Rise of the Zilart FINAL FANTASY XI: Treasures of Aht Urhgan FINAL FANTASY XI: Wings of the Goddess FINAL FANTASY XIV Fraps Half-Life 2 Half-Life 2: Episode One Half-Life 2: Episode Two Half-Life 2: Lost Coast IIS 7.5 Express ImgBurn Java Auto Updater Java™ 6 Update 31 Junk Mail filter update League of Legends Left 4 Dead 2 LIMBO LocalESPC LocalESPCui for en-us Lone Survivor Magic ISO Maker v5.5 (build 0281) Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Beta Multi-Targeting Pack Microsoft .NET Framework 4.5 Beta SDK Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update Microsoft ASP.NET MVC 4 Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages - Visual Studio 11 Tools Microsoft ASP.NET Web Pages 2 Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools Microsoft Blend for Visual Studio Microsoft Blend for Visual Studio ENU resources Microsoft Expression Encoder 4 Screen Capture Codec Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Help Viewer 2.0 Beta Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 
2010 - English Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack Language Pack - enu Microsoft Report Viewer Add-On for Visual Studio 11 - Beta Microsoft Silverlight 4 SDK Microsoft Silverlight 5 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Management Objects RC0 Microsoft SQL Server 2012 T-SQL Language Service RC0 Microsoft SQL Server Data Tools Build Utilities Mar 2012 Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft System CLR Types for SQL Server 2012 RC0 Microsoft Visual C++ 11 x86 Additional Runtime - 11.0.50214 Microsoft Visual C++ 11 x86 Debug Runtime - 11.0.50214 Microsoft Visual C++ 11 x86 Minimum Runtime - 11.0.50214 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ Compilers 11 Microsoft Visual C++ Compilers 11 - ENU Resources Microsoft Visual C++ Core Libraries 11 Microsoft Visual C++ Extended Libraries 11 Microsoft Visual C++ Microsoft Foundation Class Libraries 11 Microsoft Visual Studio 11 Beta Tools for .Net 3.5 Microsoft Visual Studio 11 Developer Preview Language Pack - ENU Microsoft Visual Studio 11 Developer Preview Pre-Clean Tool Microsoft Visual Studio 11 LightSwitch Beta Core Microsoft Visual Studio 11 LightSwitch Beta CoreRes - ENU Microsoft Visual Studio 11 Professional Beta Microsoft Visual Studio 11 Professional Beta - ENU Microsoft Visual Studio 11 SharePoint Developer Tools Beta Microsoft Visual Studio 11 SharePoint Developer Tools Beta enu Language Pack 
  7. If you don't mind, I would love to triple-check. I'll post again when I have everything; it may take some time since my PC has about 600k files. Regular scans usually take 2 and a half hours. Thank you for all of your help thus far.
  8. Thank you! Please, take all of the time you need.
  9. Sorry, I don't see an edit button and wanted to add something I had forgotten. When I first downloaded the bundle, it auto-installed a few things. One was one of those fake virus scan pop-ups (used task manager to close it) and I believe a toolbar. I uninstalled the toolbar but didn't see what made the fake antivirus run. The 3 infected files were in my program files under an uninstaller folder. MBAM removed the 3 and they haven't returned after ~6 reboots. My PC is running fine and there hasn't been anything out of the ordinary so far, though all I have been doing on it is running scans over and over.
  10. First of all, thank you very much. I just have one question, though I already feel much better about it. Was there nothing wrong with my DDS that you could tell? Basically, I've been up all night and am looking for a confirmation that I am indeed safe. (On a side note: is there any place to donate to mods? The service from all of the threads I've read has been fantastic and I'd like to support them!)
  11. Hello, please pardon my spelling or mistakes because I'm freaking out over this. My friend sent me a download link to a program called Hamachi that we were going to use to play a game. In his wisdom, he sent me the program from a 3rd party download site. Lo and behold, it had PUP.BundleInstaller.IB in it. I ran malwarebytes and avast all throughout the mornings, twice each, and deleted the 3 files that came up. Now it shows nothing infected on the scan. However, I decided now would be a good time to start my malwarebytes trial, and one of the first messages I see is: IP-BLOCK 109.163.226.198 (Type: outgoing, Port: 49902, Process: avastsvc.exe) 109.163.226.198 (Type: outgoing, Port: 49904, Process: avastsvc.exe) This computer means the world to me, so any help would be greatly appreciated. Here are my DDS logs: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Tony at 9:40:00 on 2012-07-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.6219 [GMT -4:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\TiltWheelMouse.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe C:\Windows\V0230Mon.exe C:\Program Files\Windows 
Media Player\wmpnetwk.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = <local> uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: avast! 
WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [Akamai NetSession Interface] "C:\Users\Tony\AppData\Local\Akamai\netsession_win.exe" uRun: [PlayNC Launcher] uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent mRun: [V0230Mon.exe] C:\Windows\V0230Mon.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab TCP: DhcpNameServer = 71.252.0.12 68.237.161.12 TCP: Interfaces\{CE54720C-79E0-428A-A20A-6E94744A2A2B} : DhcpNameServer = 71.252.0.12 68.237.161.12 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: avast! 
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun-x64: [V0230Mon.exe] C:\Windows\V0230Mon.exe mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\kkhjfy9r.default\ FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll FF - plugin: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\kkhjfy9r.default\extensions\{cdf97ee2-ded0-4369-835e-99dd08225fa5}\plugins\np-mswmp.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll . 
============= SERVICES / DRIVERS =============== . R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-7 44808] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-2 655944] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-2 1262400] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] 
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-1-30 103992] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-1-30 123960] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-12-14 25832] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service;C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-2-9 137728] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 t_mouse.sys;iBall Advanced Mouse;C:\Windows\system32\DRIVERS\t_mouse.sys --> C:\Windows\system32\DRIVERS\t_mouse.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 V0230Vfx;V0230Vfx;C:\Windows\system32\DRIVERS\V0230Vfx.sys --> C:\Windows\system32\DRIVERS\V0230Vfx.sys [?] S3 V0230VID;Live! Cam Video IM Pro;C:\Windows\system32\DRIVERS\V0230VID.sys --> C:\Windows\system32\DRIVERS\V0230VID.sys [?] S3 VSPerfDrv110;Performance Tools Driver 11.0;C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [2011-12-12 67920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2012-2-16 670816] . =============== Created Last 30 ================ . 2012-07-20 13:29:15 -------- d-----w- C:\Program Files\CCleaner 2012-07-20 13:14:44 -------- d-----w- C:\Users\Tony\AppData\Local\{116E7E9E-037F-4DC6-8FD6-731952AAC6A3} 2012-07-20 13:14:19 -------- d-----w- C:\Users\Tony\AppData\Local\{3B3EC911-BC98-4C87-8DF3-0E787E3B67E8} 2012-07-20 10:12:38 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6964CD5C-4F56-4F7E-AAA1-7AA7147B0BCD}\mpengine.dll 2012-07-20 01:26:38 -------- d-----w- C:\ProgramData\IBUpdaterService 2012-07-20 01:26:36 -------- d-----w- C:\Users\Tony\AppData\Roaming\PerformerSoft 2012-07-20 01:26:35 19000 ----a-w- C:\Windows\System32\roboot64.exe 2012-07-20 01:26:28 -------- d-----w- C:\Users\Tony\AppData\Local\Conduit 2012-07-20 01:25:25 33856 ---ha-w- C:\Windows\System32\hamachi.sys 2012-07-20 00:21:54 -------- d-----w- C:\Users\Tony\AppData\Local\{9D9F8AD3-D537-4745-8B87-6CF09CF0306D} 2012-07-20 00:21:32 -------- d-----w- C:\Users\Tony\AppData\Local\{34F7AF3C-3653-42FC-A6C8-E76C25E009AA} 2012-07-19 23:40:23 -------- d-----w- C:\Users\Tony\AppData\Roaming\DarkBlood ServiceNa 2012-07-19 23:13:44 -------- d-----w- C:\Users\Tony\AppData\Roaming\The Longest Journey 2012-07-19 12:21:04 -------- d-----w- 
C:\Users\Tony\AppData\Local\{89498EA6-27AC-47CE-85C2-03AFD58939DF} 2012-07-19 12:20:50 -------- d-----w- C:\Users\Tony\AppData\Local\{C7B70C2A-508C-45F9-922A-1CF12CD9ADEF} 2012-07-18 23:45:55 -------- d-----w- C:\Users\Tony\AppData\Local\{980BB19C-0834-4455-B9A0-4812CD1928FC} 2012-07-18 23:45:33 -------- d-----w- C:\Users\Tony\AppData\Local\{64A0AB89-3148-4CBC-95EC-46846AC138FE} 2012-07-18 11:45:04 -------- d-----w- C:\Users\Tony\AppData\Local\{1503B39A-21F3-4E48-BAFA-4FE75FE1DDD2} 2012-07-18 11:44:50 -------- d-----w- C:\Users\Tony\AppData\Local\{BF9D981D-10AA-45A1-9000-95E401A1C3BF} 2012-07-17 23:34:58 -------- d-----w- C:\Users\Tony\AppData\Local\{CE2A3ABC-0F19-4899-B82F-D39304FDFC93} 2012-07-17 23:34:37 -------- d-----w- C:\Users\Tony\AppData\Local\{218E794A-9DEF-4D65-9444-749BA48CA2FC} 2012-07-17 11:34:10 -------- d-----w- C:\Users\Tony\AppData\Local\{405DA706-EAD5-46F1-AE5B-E0BD940DCA96} 2012-07-17 11:33:49 -------- d-----w- C:\Users\Tony\AppData\Local\{F737BB5B-66CF-4D41-BB36-1732158D6C5F} 2012-07-16 23:33:20 -------- d-----w- C:\Users\Tony\AppData\Local\{7EB75211-5E7C-4844-B87B-1A1ECC481CD1} 2012-07-16 23:33:06 -------- d-----w- C:\Users\Tony\AppData\Local\{3C8E0274-D489-4488-B052-D22637B1D9DA} 2012-07-16 11:06:07 -------- d-----w- C:\Users\Tony\AppData\Local\{6814C45F-BB7F-4129-95AD-85911DA34402} 2012-07-16 11:05:45 -------- d-----w- C:\Users\Tony\AppData\Local\{B318BA21-70A8-4A78-8671-FC717CDF243E} 2012-07-15 23:05:19 -------- d-----w- C:\Users\Tony\AppData\Local\{B48A91A0-B5BC-49BD-A506-DCCB9937C136} 2012-07-15 23:04:57 -------- d-----w- C:\Users\Tony\AppData\Local\{8DF2A8F3-4510-452E-8F87-D189888ECE12} 2012-07-15 11:04:30 -------- d-----w- C:\Users\Tony\AppData\Local\{3FD57636-688C-4BE1-B071-95E129A04A8A} 2012-07-15 11:04:09 -------- d-----w- C:\Users\Tony\AppData\Local\{6A9B86F4-8642-4A14-8420-2D899FCFF388} 2012-07-14 23:03:44 -------- d-----w- C:\Users\Tony\AppData\Local\{A2453E45-4E57-4288-980A-5CE7BD6AEA16} 2012-07-14 23:03:30 -------- d-----w- 
C:\Users\Tony\AppData\Local\{D44ED022-9115-41AF-8ED7-47FA0D092B81} 2012-07-14 10:28:41 -------- d-----w- C:\Users\Tony\AppData\Local\{DCAA5869-E4C0-4622-A50E-0A75B293DC64} 2012-07-14 10:28:27 -------- d-----w- C:\Users\Tony\AppData\Local\{FD76842D-4787-4F5A-8F65-A6910873ECDA} 2012-07-13 18:16:01 -------- d-----w- C:\Users\Tony\AppData\Local\{12BED4AC-DC1C-47CC-B6DC-7EC43498485A} 2012-07-13 18:15:40 -------- d-----w- C:\Users\Tony\AppData\Local\{24EBE26B-C9FF-470C-ADBB-D0C9897800B1} 2012-07-13 06:15:12 -------- d-----w- C:\Users\Tony\AppData\Local\{50E6BF8C-4193-453C-9C34-270F97D04CEE} 2012-07-13 06:15:01 -------- d-----w- C:\Users\Tony\AppData\Local\{DF55CCBE-8A89-4B36-B1B0-DA28BA9BE515} 2012-07-13 05:35:32 -------- d-----w- C:\Users\Tony\AppData\Local\The Witcher 2 2012-07-12 18:14:47 -------- d-----w- C:\Users\Tony\AppData\Local\{7EA7B2C8-D9E2-4DC6-8933-BEB929A6AE92} 2012-07-12 18:14:35 -------- d-----w- C:\Users\Tony\AppData\Local\{BD05DAA8-BD04-4568-8839-112D4813A603} 2012-07-12 05:07:03 -------- d-----w- C:\Users\Tony\AppData\Local\{EE32AD8F-8326-4884-BBA6-4028274D1524} 2012-07-12 05:06:50 -------- d-----w- C:\Users\Tony\AppData\Local\{9BC0FB43-7A8E-4834-9A97-579EE30ED92E} 2012-07-11 09:00:19 -------- d-----w- C:\Users\Tony\AppData\Local\{228D6466-BD90-4768-A444-296EB51C9B10} 2012-07-11 08:59:57 -------- d-----w- C:\Users\Tony\AppData\Local\{9F6DF3F8-9428-46BE-824E-E1400B84BFDE} 2012-07-11 07:03:48 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 07:01:01 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 07:01:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-07-11 07:01:00 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2012-07-11 07:01:00 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2012-07-11 07:01:00 174200 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2012-07-11 07:01:00 140920 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2012-07-11 05:02:48 2004480 ----a-w- 
C:\Windows\System32\msxml6.dll 2012-07-10 20:59:29 -------- d-----w- C:\Users\Tony\AppData\Local\{DF84BA96-3FF1-4A9D-A9CF-AEA3D4C18D11} 2012-07-10 20:59:14 -------- d-----w- C:\Users\Tony\AppData\Local\{05F0DCFA-74AE-437C-A88D-65552354EC66} 2012-07-10 06:20:08 -------- d-----w- C:\Users\Tony\AppData\Local\{E4ED4F13-6D06-453A-8F7A-5D5AD21BAB3F} 2012-07-10 06:19:54 -------- d-----w- C:\Users\Tony\AppData\Local\{36E92CC4-DE22-4BEB-8435-BFAAD7E9B29E} 2012-07-09 03:16:08 -------- d-----w- C:\Users\Tony\AppData\Local\{897E9C4D-BEEC-449A-836D-DE50B95C40A1} 2012-07-09 03:15:54 -------- d-----w- C:\Users\Tony\AppData\Local\{D1FB75ED-EDF7-412E-9A35-7BC41CBE5AFD} 2012-07-08 02:47:45 -------- d-----w- C:\Users\Tony\AppData\Local\{13C2E156-E5A7-44F8-AA91-3E771D707C29} 2012-07-08 02:47:30 -------- d-----w- C:\Users\Tony\AppData\Local\{44A302C9-22E9-4626-8D31-AB1B2F49F3B7} 2012-07-07 06:27:17 -------- d-----w- C:\Users\Tony\AppData\Local\{3649EE66-CC41-4499-8FA4-29086DEC95B3} 2012-07-07 06:27:04 -------- d-----w- C:\Users\Tony\AppData\Local\{4047E082-FDF7-44DB-9981-B76458BE46CA} 2012-07-06 14:17:39 -------- d-----w- C:\Users\Tony\AppData\Local\{A8ED024C-57A9-40F3-A2B3-C2A09E5AF7CD} 2012-07-06 14:17:25 -------- d-----w- C:\Users\Tony\AppData\Local\{C06DE5BC-92C2-487E-871A-8B5EB3610523} 2012-07-06 00:13:16 -------- d-----w- C:\Users\Tony\AppData\Local\{8B566AAF-B066-4D34-95DD-AF223C7AED3B} 2012-07-06 00:12:54 -------- d-----w- C:\Users\Tony\AppData\Local\{EE9111EC-182C-4B1F-9FCF-F4AC63022E2F} 2012-07-05 12:12:27 -------- d-----w- C:\Users\Tony\AppData\Local\{E47C12B4-DC8D-4EBA-AE9D-EBD48BB8B763} 2012-07-05 12:12:15 -------- d-----w- C:\Users\Tony\AppData\Local\{334CFD69-DE6D-4F18-A36B-CB1167FD1134} 2012-07-05 00:03:08 -------- d-----w- C:\Users\Tony\AppData\Local\{44558F05-7575-494E-AEE1-3E00E85DFB45} 2012-07-05 00:02:56 -------- d-----w- C:\Users\Tony\AppData\Local\{0CE083C2-4C79-46B6-8BCE-892F09E911A1} 2012-07-04 11:26:38 -------- d-----w- 
C:\Users\Tony\AppData\Local\{12940342-24EC-49A1-8E6E-2252A2BDED81} 2012-07-04 11:26:27 -------- d-----w- C:\Users\Tony\AppData\Local\{1829BF3F-DF49-4C8C-8D3B-1B3E6E3FF229} 2012-07-03 23:26:13 -------- d-----w- C:\Users\Tony\AppData\Local\{391607C5-7B15-4BAE-9E0F-B7E49619FC36} 2012-07-03 23:26:02 -------- d-----w- C:\Users\Tony\AppData\Local\{41A71E11-8AD4-469F-8FE7-E05860E569BE} 2012-07-03 00:12:28 -------- d-----w- C:\Users\Tony\AppData\Local\{1089A5E7-506A-4C4B-A489-AAC122F3B8FC} 2012-07-03 00:12:06 -------- d-----w- C:\Users\Tony\AppData\Local\{580E2F9A-DB41-4D89-B7FF-280F6FD81713} 2012-07-02 12:11:39 -------- d-----w- C:\Users\Tony\AppData\Local\{0CFBAB93-CA6B-42E5-A16C-A09EB12780EE} 2012-07-02 12:11:28 -------- d-----w- C:\Users\Tony\AppData\Local\{EB9BBA69-50C3-47F6-AB68-813214A0C657} 2012-07-01 23:35:20 -------- d-----w- C:\Users\Tony\AppData\Local\{2C62C2B4-F487-4BF4-A060-10873FBE3D86} 2012-07-01 23:35:09 -------- d-----w- C:\Users\Tony\AppData\Local\{B5C992D2-61C9-4C04-B427-AB6D61A4FEB1} 2012-07-01 10:23:22 -------- d-----w- C:\Users\Tony\AppData\Local\{4241E990-1E52-4D38-A8B4-653DCA34AAFE} 2012-07-01 10:23:11 -------- d-----w- C:\Users\Tony\AppData\Local\{7E6712E8-E79C-4EA4-AAD1-B2B38E543673} 2012-06-30 22:22:57 -------- d-----w- C:\Users\Tony\AppData\Local\{692675A0-4AC7-482E-A3CC-FBD76AB7ADC1} 2012-06-30 22:22:35 -------- d-----w- C:\Users\Tony\AppData\Local\{7B480F52-4F9D-45FB-80D1-21E3F3CD89E8} 2012-06-30 10:22:08 -------- d-----w- C:\Users\Tony\AppData\Local\{6FD12361-2475-4161-A377-52FCBDAEAA40} 2012-06-30 10:21:47 -------- d-----w- C:\Users\Tony\AppData\Local\{AB2DF52B-0532-497E-8321-A3CCB426FADB} 2012-06-29 22:21:08 -------- d-----w- C:\Users\Tony\AppData\Local\{CC516D86-18BD-440E-B8E9-BAF64365AF08} 2012-06-29 22:20:57 -------- d-----w- C:\Users\Tony\AppData\Local\{AF9E203A-7661-4D11-9C5F-4939C00D84FF} 2012-06-29 10:10:38 -------- d-----w- C:\Users\Tony\AppData\Local\{4EFF5F8A-691A-4E3F-BF46-F6BAAED850EE} 2012-06-29 10:10:16 -------- d-----w- 
C:\Users\Tony\AppData\Local\{0A45F6E2-A985-43C6-B76C-25FCF89ADFFE} 2012-06-28 22:09:49 -------- d-----w- C:\Users\Tony\AppData\Local\{2CD42968-21E1-486D-AF46-77C5A7A63DA4} 2012-06-28 22:09:28 -------- d-----w- C:\Users\Tony\AppData\Local\{27D2CD79-8F68-49AA-873D-E4F18D8155FB} 2012-06-28 10:08:57 -------- d-----w- C:\Users\Tony\AppData\Local\{389ACBAC-F534-472B-BDE2-B6C6F7BCBA9B} 2012-06-28 10:08:45 -------- d-----w- C:\Users\Tony\AppData\Local\{5D9A934A-E6B5-4524-84B8-21DD1D54AF7B} 2012-06-28 08:20:13 -------- d-----w- C:\Riot Games 2012-06-27 22:08:31 -------- d-----w- C:\Users\Tony\AppData\Local\{B9EE826B-1889-463F-BE16-22B8BED75569} 2012-06-27 22:08:20 -------- d-----w- C:\Users\Tony\AppData\Local\{38D22F36-3B25-48E3-8827-65AE1E4B4D4F} 2012-06-27 09:32:42 -------- d-----w- C:\Users\Tony\AppData\Local\{01ABFF10-98FE-4714-ADE4-284F1EA7D393} 2012-06-27 09:32:31 -------- d-----w- C:\Users\Tony\AppData\Local\{9483900A-5FBA-49B7-A87C-2DC5D0BD9C45} 2012-06-26 21:32:06 -------- d-----w- C:\Users\Tony\AppData\Local\{E21F0852-B0BA-4FAE-A9FD-B1A78FB5C7A6} 2012-06-26 21:31:55 -------- d-----w- C:\Users\Tony\AppData\Local\{C9186796-BEE9-4FF8-8FBE-BC83FC382ED7} 2012-06-26 01:45:21 -------- d-----w- C:\Program Files (x86)\Overwolf 2012-06-26 01:44:07 -------- d-----w- C:\Users\Tony\AppData\Local\Overwolf 2012-06-26 00:57:40 -------- d-----w- C:\Crash 2012-06-25 23:38:35 -------- d-----w- C:\Users\Tony\AppData\Local\{3BEDC289-1D71-4712-AEF6-BA732F42A078} 2012-06-25 23:38:24 -------- d-----w- C:\Users\Tony\AppData\Local\{DA0A1890-BE56-4D9D-83AE-F72322F85339} 2012-06-25 10:04:40 -------- d-----w- C:\Users\Tony\AppData\Local\{E0D7777D-672C-47C0-B172-825E9859ED85} 2012-06-25 10:04:29 -------- d-----w- C:\Users\Tony\AppData\Local\{95258123-82BE-4B29-8A23-D53787D68605} 2012-06-24 22:04:14 -------- d-----w- C:\Users\Tony\AppData\Local\{9FEF8B95-941A-4E3B-A9EA-D1EED14AEB24} 2012-06-24 22:03:52 -------- d-----w- C:\Users\Tony\AppData\Local\{E418C0AE-9F42-49C0-8769-AE3159019060} 
2012-06-24 10:03:26 -------- d-----w- C:\Users\Tony\AppData\Local\{A15CDE81-EC01-432D-B17C-2C7A0415494A} 2012-06-24 10:03:04 -------- d-----w- C:\Users\Tony\AppData\Local\{50D32FEF-FB35-4BBA-B1C5-0A0EDDC12BB6} 2012-06-23 22:02:37 -------- d-----w- C:\Users\Tony\AppData\Local\{9D40A00F-726F-4EFB-AC4F-3EC123FC6DC5} 2012-06-23 22:02:26 -------- d-----w- C:\Users\Tony\AppData\Local\{654138BB-A460-4F2F-84DF-27342B85E1EA} 2012-06-23 08:41:37 -------- d-----w- C:\Users\Tony\AppData\Local\{BB73F0FF-1C5B-4468-89C0-66D7821A31F4} 2012-06-23 08:41:21 -------- d-----w- C:\Users\Tony\AppData\Local\{F3F7CA6C-9272-4F83-AB1C-BEF8BDD18B28} 2012-06-22 19:42:49 -------- d-----w- C:\Users\Tony\AppData\Local\{4668AF11-7CFE-4CEF-8BF2-50325A0030CD} 2012-06-22 19:42:38 -------- d-----w- C:\Users\Tony\AppData\Local\{B9010A6E-C94F-45F0-AA9C-3DFCF38D4CB1} 2012-06-22 07:08:12 -------- d-----w- C:\Users\Tony\AppData\Local\{51998428-77DF-4D21-96CB-BBA9DC3315A9} 2012-06-22 07:07:50 -------- d-----w- C:\Users\Tony\AppData\Local\{99C99B1F-B3A9-41B6-986F-5ECFFB4CE4EB} 2012-06-21 20:16:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 20:16:20 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 20:16:07 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 20:16:07 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 19:07:23 -------- d-----w- C:\Users\Tony\AppData\Local\{1CAEC517-8DE6-4980-A0DE-FA5A1577B114} 2012-06-21 19:07:01 -------- d-----w- C:\Users\Tony\AppData\Local\{17F774D2-DB41-4CE2-A8CC-FE8DDED54D37} 2012-06-21 07:06:34 -------- d-----w- C:\Users\Tony\AppData\Local\{16B36269-10D0-4226-B6BC-E9B722BA3FEF} 2012-06-21 07:06:13 -------- d-----w- C:\Users\Tony\AppData\Local\{90010EB7-51AE-42FA-97A2-5A3504944AAF} 2012-06-20 19:05:42 -------- d-----w- C:\Users\Tony\AppData\Local\{CD3105A5-1DCE-4E9E-9229-22B1F9EB76F9} 2012-06-20 19:05:30 -------- d-----w- C:\Users\Tony\AppData\Local\{7FBD17BD-6229-46E4-8462-7F9C64C01652} . 
==================== Find3M ====================
.
2012-07-18 17:16:57 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 17:16:57 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-20 15:28:03 4145600 ----a-w- C:\Windows\SysWow64\GameMon.des
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-15 06:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-30 18:54:27 670816 ----a-w- C:\Windows\SysWow64\xsherlock.xem
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 9:41:50.78 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/2/2011 4:04:38 PM
System Uptime: 7/20/2012 9:12:39 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | M68MT-S2
Processor: AMD Phenom II X6 1100T Processor | Socket M2 | 3300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 546.828 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP182: 7/17/2012 5:41:15 AM - Windows Update
RP183: 7/19/2012 7:34:09 PM - Installed DarkBloodOnline
RP184: 7/19/2012 9:24:21 PM - Installed LogMeIn Hamachi
RP185: 7/19/2012 9:33:13 PM - Removed LogMeIn Hamachi
RP186: 7/19/2012 9:35:45 PM - Removed DarkBloodOnline
RP187: 7/20/2012 6:12:11 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Aion
Akamai NetSession Interface
Alien Swarm
Amnesia - The Dark Descent
Amnesia: The Dark Descent
Apple Application Support
avast! Free Antivirus
Baldur's Gate
Baldur's Gate Tutu
Baldur's Gate II - Throne of Bhaal
Bandisoft MPEG-1 Decoder
Bastion
Batman: Arkham Asylum GOTY Edition
Bing Bar
BioShock
BioShock 2
Borderlands
Braid
Braid (Version 1.015)
Breath of Death VII
Cthulhu Saves the World
D3DX10
DC Universe Online Live
Deus Ex: Human Revolution
Dotfuscator and Analytics Community Edition
Dragon Age Redesigned©
Dragon Age: Origins
Dungeon Defenders
E.Y.E: Divine Cybermancy
EA Installer
EA Shared Game Component: Activation
Fable - The Lost Chapters
Fallout
Fallout 2
Fallout 3 - Game of the Year Edition
Fallout 3 - The Garden of Eden Creation Kit
Fallout 3 - Unofficial Fallout 3 Patch
Fallout Mod Manager 0.13.21
FINAL FANTASY XI
FINAL FANTASY XI: Chains of Promathia
FINAL FANTASY XI: Rise of the Zilart
FINAL FANTASY XI: Treasures of Aht Urhgan
FINAL FANTASY XI: Wings of the Goddess
FINAL FANTASY XIV
Fraps
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
IIS 7.5 Express
ImgBurn
Java Auto Updater
Java 6 Update 31
Junk Mail filter update
League of Legends
Left 4 Dead 2
LIMBO
LocalESPC
LocalESPCui for en-us
Lone Survivor
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Beta Multi-Targeting Pack
Microsoft .NET Framework 4.5 Beta SDK
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update
Microsoft ASP.NET MVC 4
Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - Visual Studio 11 Tools
Microsoft ASP.NET Web Pages 2
Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools
Microsoft Blend for Visual Studio
Microsoft Blend for Visual Studio ENU resources
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 2.0 Beta
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Report Viewer Add-On for Visual Studio 11 - Beta
Microsoft Silverlight 4 SDK
Microsoft Silverlight 5 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server 2012 Management Objects RC0
Microsoft SQL Server 2012 T-SQL Language Service RC0
Microsoft SQL Server Data Tools Build Utilities Mar 2012
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft System CLR Types for SQL Server 2012 RC0
Microsoft Visual C++ 11 x86 Additional Runtime - 11.0.50214
Microsoft Visual C++ 11 x86 Debug Runtime - 11.0.50214
Microsoft Visual C++ 11 x86 Minimum Runtime - 11.0.50214
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ Compilers 11
Microsoft Visual C++ Compilers 11 - ENU Resources
Microsoft Visual C++ Core Libraries 11
Microsoft Visual C++ Extended Libraries 11
Microsoft Visual C++ Microsoft Foundation Class Libraries 11
Microsoft Visual Studio 11 Beta Tools for .Net 3.5
Microsoft Visual Studio 11 Developer Preview Language Pack - ENU
Microsoft Visual Studio 11 Developer Preview Pre-Clean Tool
Microsoft Visual Studio 11 LightSwitch Beta Core
Microsoft Visual Studio 11 LightSwitch Beta CoreRes - ENU
Microsoft Visual Studio 11 Professional Beta
Microsoft Visual Studio 11 Professional Beta - ENU
Microsoft Visual Studio 11 SharePoint Developer Tools Beta
Microsoft Visual Studio 11 SharePoint Developer Tools Beta enu Language Pack
Microsoft Visual Studio 11 Tools for SQL Server Compact 4.0 SP1 Beta ENU
Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer Core
Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer enu Resources
Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer
Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer Language Pack - ENU
Microsoft Web Deploy dbSqlPackage Provider Nov 2011
Microsoft Web Tooling Extensions - Visual Studio 11
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft® SQL Server Data Tools, RC0 - enu
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
NCsoft Launcher
Nexon Game Manager
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
PCSX2 - Playstation 2 Emulator
PHANTASY STAR ONLINE 2
Planescape Torment
PlayOnline Viewer & Tetra Master
Portal
Portal 2
PreEmptive Analytics Visual Studio Components
Prerequisites for SSDT RC0
professional_finalizer
Psychonauts
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Sanctum
Security Update for Microsoft .NET Framework 4.5 Beta (KB2686838)
Skype™ 4.2
SpeedFan (remove only)
SQL Server Data Framework Tools
Star Wars: Knights of the Old Republic
Steam
Super Meat Boy
Super Meat Boy Editor
Super Meat Boy v1.5
Superbrothers: Sword & Sworcery EP
System Requirements Lab
Team Fortress 2
Team Fortress 2 Beta
The Elder Scrolls IV: Oblivion
The Longest Journey
The Witcher 2: Assassins of Kings Enhanced Edition
The Witcher: Enhanced Edition
Visual Studio 2008 x64 Redistributables
Visual Studio Extensions for Windows Library for JavaScript
vs_devenv
vs_devenvLP
vs_minshellcore
vs_minshellinterop
vs_minshellres
vslp_finalizer
WCF RIA Services V1.0 SP2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Runtime Intellisense Content - English
Windows Software Development Kit
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Metro style Apps
Windows Software Development Kit for Metro style Apps DirectX x86 Remote
Windows Software Development Kit Redistributables
WinRAR 4.01 (32-bit)
Ys Origin
Ys: The Oath in Felghana
.
==== Event Viewer Messages From Past Week ========
.
7/19/2012 9:25:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
7/19/2012 9:25:26 PM, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/19/2012 9:25:25 PM, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/19/2012 8:30:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
7/19/2012 8:30:55 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================